So what happens when the certificate expires? Do you get locked out if you don’t have physical access?
Comment on What is the best trategie to refresh ssh keys?
AbidanYre@lemmy.world 10 hours ago
I moved over to certificates a while ago.
cmnybo@discuss.tchncs.de 9 hours ago
non_burglar@lemmy.world 9 hours ago
Re-gen the keys. In this environment, you would have PKI setup and automation to handle cert renewal.
Having the certs expire is an advantage, security-wise. Auth will expire with certs, stolen creds can be instantly invalidated.
bright_side_@piefed.world 5 hours ago
That’s a really interesting read, thanks for sharing