[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

SSH resources, specifically on certificates (certificate authentication)

I seem to have gone down a rabbit hole.

I want(ed?) to set up ssh on my LAN using certificate authentication, and am 
having a lot of trouble finding the information I need / would like to have.

I won't go into much detail now, but I didn't realize how big a subject ssh 
is, and although I'm finding a lot of resources of various sorts (man pages, 
articles, tutorials), I'm also finding a lot of incomplete, confusing, 
conflicting, out-of-date, and, sometimes, afaict incorrect information.

I'd like to find an active mailing list that provides support for ssh.  Of the 
mailing lists I've found, one went defunct in 2001, another in 2011, and the 
Debian ssh list is for developers / maintainers, not for support.

I didn't (and don't want to read a book (but with all the other stuff I've 
read, I probably could have read a book or two by now), I have found an online 
book that was published in 2001 and does not address certificates (certificates 
are listed in the index, but they are talking about ssl certificates).

My intention was to learn how to use certificates for ssh authentication on my 
small LAN, and then, in view of how confusing the documentation I found seemed 
to be, to try to write a wiki page (or several) (on WikiLearn) to try to be as 
clear as possible.  (And, in addition to not wanting to read a book, nor do I 
want to write one.)

So, I should mention some of the resources I've found (I've looked at a bunch, 
and won't try to list them here), the two best I've found so far are:

   * [[https://dev.to/gvelrajan/how-to-configure-and-setup-ssh-certificates-for-
ssh-authentication-b52][How to configure and setup SSH certificates for SSH 
authentication]]

   * [[https://smallstep.com/blog/use-ssh-certificates/][If you’re not using 
SSH certificates you’re doing SSH wrong]]

If I can't find an ssh specific mailing list that is willing to consider support 
questions, I'll probably start posting some of my questions here.

Thanks!
 
-- 
rhk

If you reply: snip, snip, and snip again; leave attributions; avoid top 
posting; and keep it "on list".  (Oxford comma included at no charge.)  If you 
change topics, change the Subject: line. 

A picture is worth a thousand words -- divide by 10 for each minute of video 
(or audio) or create a transcript and edit it to 10% of the original.
Reply to: