signing host cert

scripts/ssh-server-check.sh

@@ -124,11 +124,20 @@ check_ssh_config_files() {
 
     row_process "hostkey"
     row_process "hostcertificate"
+    case "$status" in
+        missing)
+            prompt_user "SSH Host" "SSH host cert missing. Sign the ssh host cert?"
+            if [[ $REPLY =~ ^[Yy]$ ]]; then
+                sign_host_cert
+                update_prompt $GREEN_CHECK "Signed ssh host cert"
+            else
+                update_prompt $RED_X
+            fi
+            ;;
+    esac
     row_process "trustedusercakeys"
     case "$status" in
-        success) return ;;
         missing)
-            # Do something if trustedusercakeys is missing
             prompt_user "User CA" "Created the trusted keys file?"
             if [[ $REPLY =~ ^[Yy]$ ]]; then
                 (step ssh config --roots > "$path")
@@ -137,7 +146,6 @@ check_ssh_config_files() {
                 update_prompt $RED_X
             fi
             ;;
-        unconfigured) return;;
     esac
 }
 
@@ -211,6 +219,3 @@ check_ssh_config_files
 echo
 echo "Host key fingerprint"
 ssh_fingerprint hostkey
-
-# prompt_user
-# auto_update_prompt