john/janus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

readme content

Browse Source
This commit is contained in:
John Lancaster
2026-01-03 22:49:45 -06:00
parent 3c889513e9
commit 2b9c0556a4
1 changed files with 16 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
README.md
View File

@@ -18,6 +18,8 @@ step ca init --ssh --acme
## SSH Certificates ## SSH Certificates
### Server
Use step-ca to sign an existing public key to produce a signed certificate with some principals on it. Use step-ca to sign an existing public key to produce a signed certificate with some principals on it.
``` ```
@@ -41,4 +43,17 @@ TrustedUserCAKeys /etc/ssh/ssh_user_ca.pub
HostKey /etc/ssh/ssh_host_ed25519_key HostKey /etc/ssh/ssh_host_ed25519_key
HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub
EOF EOF
``` ```
```
systemctl reload sshd
```
### Client
```
step ssh certificate --sign \
--principal root --principal john \
--provisioner admin \
john@john-pc-ubuntu ~/.ssh/id_ed25519.pub
```