From ffb5ee7fdacd205124466f6f0cb503eb41ab6b6c Mon Sep 17 00:00:00 2001
From: Will May <will.j.may@gmail.com>
Date: Thu, 2 Mar 2017 16:54:05 +0000
Subject: [PATCH] Changes from code review

---
 builtin/logical/ssh/backend_test.go           | 1 -
 builtin/logical/ssh/path_config_ca.go         | 8 ++++++++
 website/source/docs/secrets/ssh/index.html.md | 2 +-
 3 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/builtin/logical/ssh/backend_test.go b/builtin/logical/ssh/backend_test.go
index 97d91f978d..a76f4500a1 100644
--- a/builtin/logical/ssh/backend_test.go
+++ b/builtin/logical/ssh/backend_test.go
@@ -537,7 +537,6 @@ func TestBackend_AbleToAutoGenerateSigningKeys(t *testing.T) {
 				Operation: logical.UpdateOperation,
 				Path:      "config/ca",
 				Data: map[string]interface{}{
-					"generate_signing_key":  true,
 				},
 			},
 
diff --git a/builtin/logical/ssh/path_config_ca.go b/builtin/logical/ssh/path_config_ca.go
index 1c19ce0735..08fbe011ff 100644
--- a/builtin/logical/ssh/path_config_ca.go
+++ b/builtin/logical/ssh/path_config_ca.go
@@ -27,6 +27,7 @@ func pathConfigCA(b *backend) *framework.Path {
 			"generate_signing_key": &framework.FieldSchema{
 				Type:        framework.TypeBool,
 				Description: `Generate SSH key pair internally rather than use the private_key and public_key fields.`,
+				Default: true,
 			},
 		},
 
@@ -104,7 +105,14 @@ func generateSSHKeyPair() (string, string, error) {
 func parseSSHKeyPair(data *framework.FieldData) (string, string, error) {
 
 	publicKey := data.Get("public_key").(string)
+	if publicKey == "" {
+		return "", "", errutil.UserError{Err: `missing public_key`}
+	}
+
 	privateKey := data.Get("private_key").(string)
+	if privateKey == "" {
+		return "", "", errutil.UserError{Err: `missing public_key`}
+	}
 
 	_, err := ssh.ParsePrivateKey([]byte(privateKey))
 	if err != nil {
diff --git a/website/source/docs/secrets/ssh/index.html.md b/website/source/docs/secrets/ssh/index.html.md
index b35b5ce658..3950fdfacb 100644
--- a/website/source/docs/secrets/ssh/index.html.md
+++ b/website/source/docs/secrets/ssh/index.html.md
@@ -301,7 +301,7 @@ The first thing to do is to get Vault to generate the key pair that will be used
 SSH keys:
 
 ```text
-$ vault write ssh/config/ca generate_signing_key=true
+$ vault write -f ssh/config/ca
 Success! Data written to: ssh/config/ca
 ```