infra/scripts/make_base_keys.sh

37 lines
756 B
Bash
Executable File

#!/usr/bin/env bash
# fail on errors
set -e
die() {
echo >&2 "$@"
exit 1
}
# set up target folder
P="$1"
[[ -z "$P" || -d "$P" ]] && die "specify a non-existent path as a first argument"
mkdir "$P"
pushd "$P" >/dev/null
# host keys
echo "Generating SSH host keys.."
ssh-keygen -t ed25519 -f ./host -q -N "" -C ""
# host pubkey -> age key
echo "AGE key is: $(cat ./host.pub | ssh-to-age)"
# host keys (initrd)
echo "Generating SSH host keys.. (initrd)"
ssh-keygen -t ed25519 -f ./host_initrd -q -N "" -C ""
# luks pw
echo "Generating LUKS password file.."
echo -n "$(openssl rand -base64 24)" > ./luks-pw
# we are done
popd >/dev/null
echo "Finished generating keys." \
"Delete them or put them somewhere else once you're done with them."