Comment on Why isn't using a key file the most common way to log into self-hosted servers?
kumi@feddit.online 3 days ago
Not if you use certificates signed by your own internal CA and trust the CA instead of straight up trusting the public keys explicitly.
This way you can generate new (say) SSH keys trusted across a bunch of machines without having to touch those machines directly for every key since they are signed by your trusted authority. If you configure CRLs properly you can also revoke them centrally.
UnpledgedCatnapTipper@piefed.blahaj.zone 3 days ago
Hosting a CA is a whole additional service to set up, as is enabling trust for said CA on every server you’re running.
kumi@feddit.online 3 days ago
A CA can be an encrypted volume on a live USB stick. It’s mostly for the CRLs you might want something online.
Unless you do TOFU (which some do and btw how often do you actually verify the github.com ssh fingerprint when connecting from a new host?), you need to add the trust root in some way, just as with any other method discussed. But that’s no more work than doing the same with individual host keys.
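Added example (not the commenter's code) of the workflow kumi describes: an internal SSH CA signs user keys, servers trust only the CA's public key, and revocation happens centrally through OpenSSH's key revocation list (KRL, OpenSSH's equivalent of a CRL). Assumes OpenSSH's ssh-keygen is on PATH; every user name, path and serial number below is constructed for the demo.

```shell
#!/bin/sh
# Added example: SSH user certificates from an internal CA, plus KRL revocation.
# Assumes ssh-keygen (OpenSSH) is installed; all names/paths/serials are constructed.
set -eu

make_ca() {   # In practice the CA private key stays offline (e.g. an encrypted USB volume).
    ssh-keygen -q -t ed25519 -N '' -C 'internal-ssh-ca' -f "$WORK/ca"
}

sign_user_key() {   # $1 = user, $2 = principals, $3 = serial. Cert carries principals + validity.
    ssh-keygen -q -t ed25519 -N '' -f "$WORK/$1"
    ssh-keygen -q -s "$WORK/ca" -I "$1-laptop" -n "$2" -z "$3" -V -5m:+52w "$WORK/$1.pub"
    # -> $WORK/$1-cert.pub; no per-user entry is needed in any server's authorized_keys
}

write_sshd_snippet() {   # What each server trusts: the CA public key, plus the shared KRL.
    cat > "$WORK/sshd_ca.conf" <<EOF
TrustedUserCAKeys $WORK/ca.pub
RevokedKeys $WORK/revoked.krl
EOF
}

revoke_cert() {   # KRL built by the CA operator and pushed to hosts; $1 = cert file to revoke.
    ssh-keygen -q -k -f "$WORK/revoked.krl" "$1"
}

is_revoked() {   # ssh-keygen -Q exits non-zero when $1 is listed in the KRL.
    if ssh-keygen -Q -f "$WORK/revoked.krl" "$1" >/dev/null 2>&1; then echo no; else echo yes; fi
}

cert_principals() {   # Extract the principal list from `ssh-keygen -L` output, comma-joined.
    ssh-keygen -L -f "$1" | sed -n '/Principals:/,/Critical Options:/p' \
        | sed '1d;$d' | tr -d ' \t' | paste -sd, -
}

run_demo() {   # Prints one key=value line per check; works in a fresh temp dir each call.
    WORK="$(mktemp -d)"
    make_ca
    sign_user_key alice alice,deploy 1001
    sign_user_key bob bob 1002
    write_sshd_snippet
    revoke_cert "$WORK/alice-cert.pub"   # alice's laptop cert is revoked, bob's stays valid
    echo "alice_principals=$(cert_principals "$WORK/alice-cert.pub")"
    echo "alice_revoked=$(is_revoked "$WORK/alice-cert.pub")"
    echo "bob_revoked=$(is_revoked "$WORK/bob-cert.pub")"
    rm -rf "$WORK"
}

run_demo
```

The only files a server needs are `ca.pub` and the current `revoked.krl`; rotating or revoking a user's key never touches `authorized_keys` on the hosts.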