broke out create_files

scripts/ssh-server-check.sh

@@ -195,6 +195,28 @@ restart_sshd() {
     fi
 }
 
+create_files() {
+    if [[ $CREATE_HOST_CERT -eq 1 ]]; then
+        prompt_user "SSH Host" "Cert missing. Sign the ssh host cert?"
+        if [[ $REPLY =~ ^[Yy]$ ]]; then
+            update_prompt $YELLOW_BANG "Signing ssh host cert"
+            sign_host_cert
+        else
+            update_prompt $RED_X
+        fi
+    fi
+
+    if [[ $CREATE_USER_CA -eq 1 ]]; then
+        prompt_user "SSH Host" "Create the trusted keys file?"
+        if [[ $REPLY =~ ^[Yy]$ ]]; then
+            (step ssh config --roots > "$path")
+            update_prompt $GREEN_CHECK "SSH Host" "Created the trusted keys file for the SSH host."
+        else
+            update_prompt $RED_X
+        fi
+    fi
+}
+
 
 # Run Process
 
@@ -202,26 +224,10 @@ check_cert_config "certs.conf"
 echo
 check_ssh_config_files
 
-if [[ $CREATE_HOST_CERT -eq 1 ]]; then
+create_files
-    prompt_user "SSH Host" "SSH host cert missing. Sign the ssh host cert?"
-    if [[ $REPLY =~ ^[Yy]$ ]]; then
-        update_prompt $YELLOW_BANG "Signing ssh host cert"
-        sign_host_cert
-    else
-        update_prompt $RED_X
-    fi
-fi
 
-# CREATE_USER_CA=1
+title_msg "\nSSH Host Cert" "$SSH_HOST_CERT\n"
-if [[ $CREATE_USER_CA -eq 1 ]]; then
+CERT_INFO=$(ssh-keygen -Lf "$SSH_HOST_CERT")
-    prompt_user "User CA" "Create the trusted keys file?"
+echo -e "$CERT_INFO" | grep "Public key"
-    if [[ $REPLY =~ ^[Yy]$ ]]; then
+echo -e "$CERT_INFO" | grep "Valid"
-        (step ssh config --roots > "$path")
+echo -e "$CERT_INFO" | grep -A3 "Principals"
-        update_prompt $GREEN_CHECK "User CA" "Created the trusted keys file."
-    else
-        update_prompt $RED_X
-    fi
-fi
-
-echo -e "\n$SSH_HOST_CERT"
-ssh-keygen -Lf "$SSH_HOST_CERT" | grep "Public key" | sed 's/^ *//'