diff options
author | Lars Wirzenius <liw@liw.fi> | 2022-12-17 16:54:58 +0000 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2022-12-17 16:54:58 +0000 |
commit | d951606f5eaf5611c9fb114ccf4b1c39e6ddf7c9 (patch) | |
tree | b832106557feb71a2f7313591d521697cbb99b6e | |
parent | a20dde98604825194c603551ed670bb8f84d5a10 (diff) | |
parent | e14f7f036c2ca424e37840daffdbc8c395b82685 (diff) | |
download | sshca-d951606f5eaf5611c9fb114ccf4b1c39e6ddf7c9.tar.gz |
Merge branch 'debian-build-depw' into 'main'
various build improvements and a README
Closes #28
See merge request larswirzenius/sshca!63
-rw-r--r-- | README.md | 33 | ||||
-rwxr-xr-x | check | 14 | ||||
-rw-r--r-- | debian/control | 1 | ||||
-rwxr-xr-x | debian/rules | 4 |
4 files changed, 45 insertions, 7 deletions
diff --git a/README.md b/README.md new file mode 100644 index 0000000..b87dd66 --- /dev/null +++ b/README.md @@ -0,0 +1,33 @@ +# sshca---SSH certificate management + +The `sshca` tool helps manage an SSH Certificate Authority ([SSH CA][]) and +create host and user certificates. Such certificates make using and +administering SSH less tedious and more secure. + +An SSH CA is an SSH key dedicated to signing, or certifying, other SSH +keys. Such a signed key is called a certificate and is used together +with the private part of the certified key. The certificate is used +instead of the public key. + +SSH clients and servers can be configured to trust certificates made +by one or more CA keys. This makes it possible for a client to trust a +server without asking the user to accept the host key for each new +server. A server can trust a client without having the client's public +key configured for that user in the `authorized_key` file. This +simplifies overall key management significantly, but requires creating +and managing CA keys and certificates. + +[SSH CA]: https://liw.fi/sshca + +See <https://sshca.liw.fi/> for more information about the tool. + +## Dependencies + +You need the following to run `./check` and build and run the +software: + +* the Rust toolchain: `cargo` and `rustc` and anything they need +* Python version 3 +* [Subplot](https://subplot.tech/) +* [Pandoc](https://pandoc.org/) +* pdflatex, such as from [TeXlive](https://tug.org/texlive/) @@ -5,14 +5,20 @@ set -eu hideok=chronic -if [ "$#" -gt 0 ]; then +offline= + +while [ "$#" -gt 0 ]; do case "$1" in verbose | -v | --verbose) hideok= shift ;; + offline | -o | --offline) + offline=--offline + shift + ;; esac -fi +done require_cmd() { if ! command -v "$1" >/dev/null; then @@ -42,7 +48,7 @@ subplot docgen sshca.subplot -o sshca.html subplot docgen sshca.subplot -o sshca.pdf got_cargo_cmd clippy && cargo clippy --all-targets -q -$hideok cargo build --all-targets -$hideok cargo test +$hideok cargo build --all-targets $offline +$hideok cargo test $offline echo "Everything seems to be in order." diff --git a/debian/control b/debian/control index b5dcde4..71291d0 100644 --- a/debian/control +++ b/debian/control @@ -5,7 +5,6 @@ Priority: optional Standards-Version: 4.2.0 Build-Depends: debhelper (>= 10~), - build-essential, dh-cargo, git, moreutils, diff --git a/debian/rules b/debian/rules index dc7747a..8bf4e17 100755 --- a/debian/rules +++ b/debian/rules @@ -7,8 +7,8 @@ override_dh_auto_build: true override_dh_auto_install: - cargo install --path=. --root=debian/sshca + cargo install --offline --path=. --root=debian/sshca find debian/ -name '.crates*' -delete override_dh_auto_test: - ./check + ./check --offline |