Documentation
¶
Overview ¶
Package data implements utility functions for setting fixed paths and various functions for creating SSH/TLS keys and certificates
Index ¶
- Variables
- func Checksum(data string) (string, error)
- func ChecksumFile(path string) (string, error)
- func GenerateKeyPair(domain string) error
- func GenerateSSHKeys(rotate bool) error
- func GenerateServerCA() error
- func GenerateTLS(host string) error
- func GenerateToken(rotate bool) error
- func GetHostSigner() (ssh.Signer, error)
- func GetPublicHostKey() ([]byte, error)
- func GetPublicServerCA() ([]byte, error)
- func GetPublicUserKey() ([]byte, error)
- func GetToken() (string, error)
- func GetUserSigner() (ssh.Signer, error)
- func NewSigner(path, comment string) error
- func Path(rel string) string
- func RegenerateKeys(host string) error
- func SignHostCertificate(publicKey string, hostname string, expiration time.Duration) ([]byte, error)
- func SignUserCertificate(publicKey string, principal string, expiration time.Duration) ([]byte, error)
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // Certificates & Keys for the grpc server BaseCertDir = Path("certs") ServerCaCert = Path("certs/proto_server_ca.pem") ServerCaKey = Path("certs/proto_server_ca_key.pem") ServerCert = Path("certs/proto_server.pem") ServerKey = Path("certs/proto_server_key.pem") // User key to verify users against the host UserKey = Path("nexus_user.key") // CA to verify hosts against the user HostCAKey = Path("nexus_host_ca.key") // Secret to authenticate the agent Token = Path("token") // Various paths used on the server SSHConfigPath = "/etc/ssh/sshd_config.d/nexus.conf" PrincipalPath = "/etc/ssh/nexus_principals/" PublicUserKeyPath = "/etc/ssh/nexus_user.pub" PrivateHostKeyPath = "/etc/ssh/ssh_host_ed25519_key" PublicHostKeyPath = "/etc/ssh/ssh_host_ed25519_key.pub" CertHostPath = "/etc/ssh/ssh_host_ed25519_key-cert.pub" AuthorizedKeysPath = "~/.ssh/authorized_keys" // Path to the agent binary AgentPath = "/usr/local/bin/nexus-agent" AgentService = "/etc/systemd/system/nexus-agent.service" // Path to the temporary agent binary (for downloads and updates) AgentDownloadPath = filepath.Join(os.TempDir(), "nexus-agent") )
Functions ¶
func ChecksumFile ¶
ChecksumFile calculates the sha256 checksum of a file
func GenerateKeyPair ¶
GenerateKeyPair generates a certificate and private key pair signed by the given CA.
func GenerateSSHKeys ¶
func GenerateServerCA ¶
func GenerateServerCA() error
GenerateServerCA generates a CA certificate and private key pair.
func GenerateTLS ¶
func GenerateToken ¶
func GetHostSigner ¶
func GetPublicHostKey ¶
func GetPublicServerCA ¶
func GetPublicUserKey ¶
func GetUserSigner ¶
func RegenerateKeys ¶
func SignHostCertificate ¶
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.