CA unreachable means no renewals, but identity verification (login) is offline. As long as certs renewed fine, connection to the CA is not needed.
Comment on What is the best strategy to refresh ssh keys?
Anekdoteles@feddit.org 2 months ago
Sooo, CA unreachable means connection dead, which is a manageable risk. But giving a third party the authority over my SSH access sounds like a great way to make it convenient for state actors to invade my privacy.
mik@sh.itjust.works 1 month ago
AbidanYre@lemmy.world 2 months ago
I mean, the CA is also self hosted so I’m not sure what you think the extra attack vector is here.