6 ## Check to see whether we're already set up.
8 echo >&2 "$0: already set up: delete ca/ to restart"
12 ## Clear out and recreate the old state directories.
13 rm -rf gnupg ca ca.new publish publish.new
14 mkdir -m700 gnupg ca.new
16 ## Generate the CA keys.
17 for kt in $keytypes; do
19 *:*) bits=-b${kt#*:} kt=${kt%:*} ;;
22 ssh-keygen -fca.new/ca-$kt -t$kt $bits -C"$cacomment" -N ""
25 ## Generate the GnuPG key.
26 run_gpg --batch -q --gen-key <<EOF
27 %echo Generating key ssh-ca; hold on tight...
28 Key-Type: $gnupg_key_type
29 Key-Length: $gnupg_key_length
30 Name-Real: ${gnupg_key_realname_prefix}ssh-ca
32 Name-Email: ssh-ca@$gnupg_key_email_domain