readme content

2026-01-03 22:49:45 -06:00
parent 3c889513e9
commit 2b9c0556a4
1 changed files with 16 additions and 1 deletions
--- a/README.md
+++ b/README.md
@@ -18,6 +18,8 @@ step ca init --ssh --acme

 ## SSH Certificates

+### Server
+
 Use step-ca to sign an existing public key to produce a signed certificate with some principals on it.

 ```
@@ -41,4 +43,17 @@ TrustedUserCAKeys /etc/ssh/ssh_user_ca.pub
 HostKey /etc/ssh/ssh_host_ed25519_key
 HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub
 EOF
-```
+```
+
+```
+systemctl reload sshd
+```
+
+### Client
+
+```
+step ssh certificate --sign \
+--principal root --principal john \
+--provisioner admin \
+john@john-pc-ubuntu ~/.ssh/id_ed25519.pub
+```