Date: Thu, 21 Nov 2019 10:41:40 +0100 From: Julien Cigar <julien@perdition.city> To: freebsd-questions@freebsd.org Subject: SSH certificates Message-ID: <20191121094140.GA1374@p52s>
next in thread | raw e-mail | index | archive | help
Hello, I'd like to setup an automated mechanism to replace SSH keys and autorized_keys management with SSH certificates. Basically every member of the team who arrives in the morning should authenticate to an authority (some daemon in a very secure jail which implement a local CA + key sign) and should receive back a signed certificate with a validity period of x hours. After digging a little I found https://smallstep.com/certificates/ and https://smallstep.com/cli/ (which aren't packaged BTW) but I'm wondering if there were others similar tools ..? Thanks! Julien -- Julien Cigar Belgian Biodiversity Platform (http://www.biodiversity.be) PGP fingerprint: EEF9 F697 4B68 D275 7B11 6A25 B2BB 3710 A204 23C0 No trees were killed in the creation of this message. However, many electrons were terribly inconvenienced.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20191121094140.GA1374>