-
Notifications
You must be signed in to change notification settings - Fork 134
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Proposition to manage SSH Certificates #177
Comments
I think this is a good idea. I had the certificate use case in my mind for some time already but as I did not have any practical experience with this, I did not want to force some artificial workflow. From the current proposal, I would certainly like to have the I would also like to see some tests to verify this works correctly on all supported/tested distributions (but its harder with containers in github actions). From what I see, this only deploys the User CA on the system and configures principals. This is the easy part. Did you think about implementing the host CA? |
The pull request is done : #252 Implementation of Host CA is not yet planned. We need to test different solutions to find the best way to do it. If you have any suggestions or comments, please do not hesitate . |
Hi,
I'm using this role in addition to an other one I made to manage SSH Certificats with Principals.
What are your thoughts if I submit a PR.
The change will look something like this:
Add 3 tasks
Add 2 templates
trusted-user-ca-keys.pem.j2
auth_principals.j2
Example of values
And of course, we would like to set this configuration:
To learn more about SSH Certificate, here is a nice tutorial from Hashicorp
Best,
Clement
The text was updated successfully, but these errors were encountered: