Support SSH CA Key Signing

SSH has a concept of key signing that is similar to x509 (not the same). This capability allows great control of SSH key validity by tying it to a central authentication source.

A signed host key allows you to validate that the key is trusted without needing to verify the fingerprint.
A signed client key removes the need to maintain authorized_keys files.

It would be awesome if RDM had the ability to generate/store the SSH CA key and perform key generation and signing.

This site provides a better explanation and breakdown of how it works: https://ef.gy/hardening-ssh
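
The workflow requested above, sketched with OpenSSH's own `ssh-keygen` as an added example that is not part of the original post and not RDM functionality. The key IDs, the principal `alice`, the host name `host1.example.com` and the path `/etc/ssh/user_ca.pub` are constructed for illustration.

```shell
#!/bin/sh
# Added example: SSH CA signing with ssh-keygen. Key IDs, the principal
# "alice" and the host name "host1.example.com" are constructed values.
set -eu

# Create the CA key pair. Empty passphrase only so the demo runs unattended.
make_ca() {             # $1 = CA private key path
    ssh-keygen -q -t ed25519 -N '' -C demo-ssh-ca -f "$1"
}

# Sign a user key: one principal (login name), limited validity period.
sign_user_key() {       # $1 = CA key, $2 = user .pub, $3 = principal, $4 = validity
    ssh-keygen -q -s "$1" -I "user-$3" -n "$3" -V "$4" "$2"
}

# Sign a host key (-h): the principal is the name clients connect to.
sign_host_key() {       # $1 = CA key, $2 = host .pub, $3 = host name, $4 = validity
    ssh-keygen -q -s "$1" -h -I "host-$3" -n "$3" -V "$4" "$2"
}

# Return one field of `ssh-keygen -L` output, e.g. "Type" or "Key ID".
cert_field() {          # $1 = certificate file, $2 = field label
    ssh-keygen -L -f "$1" | sed -n "s/^[[:space:]]*$2: *//p"
}

# sshd_config line: accept user certificates signed by this CA.
sshd_trust_line() {     # $1 = installed path of the CA public key
    printf 'TrustedUserCAKeys %s\n' "$1"
}

# known_hosts line: trust host certificates signed by this CA.
known_hosts_ca_line() { # $1 = host pattern, $2 = CA .pub file
    printf '@cert-authority %s %s\n' "$1" "$(cat "$2")"
}

demo() {
    d=$(mktemp -d)
    make_ca "$d/ca"
    ssh-keygen -q -t ed25519 -N '' -f "$d/id_alice"
    ssh-keygen -q -t ed25519 -N '' -f "$d/ssh_host_key"
    sign_user_key "$d/ca" "$d/id_alice.pub" alice +1d
    sign_host_key "$d/ca" "$d/ssh_host_key.pub" host1.example.com +52w
    ssh-keygen -L -f "$d/id_alice-cert.pub"   # shows key ID, principals, validity
    sshd_trust_line /etc/ssh/user_ca.pub
    known_hosts_ca_line '*.example.com' "$d/ca.pub"
    rm -rf "$d"
}

if command -v ssh-keygen >/dev/null 2>&1; then demo; fi
```

On the server, the signed host key is presented to clients through the `HostCertificate` directive in `sshd_config`.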

All Comments (3)

Do you know if this is something that PuTTY supports?

Regards

David Hervieux

PuTTY supports the signed keys, but doesn't have any of the signing capabilities.

I will add this to our todo list.

Regards

David Hervieux