Update ca host config

services/ca/templates/ssh/config.tpl

@@ -0,0 +1,14 @@
+Host *
+{{- if or .User.GOOS "none" | eq "windows" }}
+{{- if .User.StepBasePath }}
+	Include "{{ .User.StepBasePath | replace "\\" "/" | trimPrefix "C:" }}/ssh/includes"
+{{- else }}
+	Include "{{ .User.StepPath | replace "\\" "/" | trimPrefix "C:" }}/ssh/includes"
+{{- end }}
+{{- else }}
+{{- if .User.StepBasePath }}
+	Include "{{.User.StepBasePath}}/ssh/includes"
+{{- else }}
+	Include "{{.User.StepPath}}/ssh/includes"
+{{- end }}
+{{- end }}

services/ca/templates/ssh/known_hosts.tpl

@@ -0,0 +1,4 @@
+@cert-authority * {{.Step.SSH.HostKey.Type}} {{.Step.SSH.HostKey.Marshal | toString | b64enc}}
+{{- range .Step.SSH.HostFederatedKeys}}
+@cert-authority * {{.Type}} {{.Marshal | toString | b64enc}}
+{{- end }}

services/ca/templates/ssh/sshd_config.tpl

@@ -0,0 +1,4 @@
+Match all
+	TrustedUserCAKeys /etc/ssh/ca.pub
+	HostCertificate /etc/ssh/{{.User.Certificate}}
+	HostKey /etc/ssh/{{.User.Key}}

services/ca/templates/ssh/step_config.tpl

@@ -0,0 +1,11 @@
+Match exec "step ssh check-host{{- if .User.Context }} --context {{ .User.Context }}{{- end }} %h"
+{{- if .User.User }}
+	User {{.User.User}}
+{{- end }}
+{{- if or .User.GOOS "none" | eq "windows" }}
+	UserKnownHostsFile "{{.User.StepPath}}\ssh\known_hosts"
+	ProxyCommand C:\Windows\System32\cmd.exe /c step ssh proxycommand{{- if .User.Context }} --context {{ .User.Context }}{{- end }}{{- if .User.Provisioner }} --provisioner {{ .User.Provisioner }}{{- end }} %r %h %p
+{{- else }}
+	UserKnownHostsFile "{{.User.StepPath}}/ssh/known_hosts"
+	ProxyCommand step ssh proxycommand{{- if .User.Context }} --context {{ .User.Context }}{{- end }}{{- if .User.Provisioner }} --provisioner {{ .User.Provisioner }}{{- end }} %r %h %p
+{{- end }}

services/ca/templates/ssh/step_includes.tpl

@@ -0,0 +1 @@
+{{- if or .User.GOOS "none" | eq "windows" }}Include "{{ .User.StepPath | replace "\\" "/" | trimPrefix "C:" }}/ssh/config"{{- else }}Include "{{.User.StepPath}}/ssh/config"{{- end }}