configpolicy

dustin

configpolicy

Fork 0

Commit Graph

Author	SHA1	Message	Date
Dustin	f83cea50e9	r/ssu-user-ca: Configure sshd TrustedUserCAKeys The `TrustedUserCAKeys` setting for sshd(8) tells the server to accept any certificates signed by keys listed in the specified file. The authenticating username has to match one of the principals listed in the certificate, of course. This role is applied to all machines, via the `base.yml` playbook. Certificates issued by the user CA managed by SSHCA will therefore be trusted everywhere. This brings us one step closer to eliminating the dependency on Active Directory/Samba.	2024-02-01 18:46:40 -06:00

Author

SHA1

Message

Date

Dustin

f83cea50e9

r/ssu-user-ca: Configure sshd TrustedUserCAKeys

The `TrustedUserCAKeys` setting for *sshd(8)* tells the server to accept
any certificates signed by keys listed in the specified file.
The authenticating username has to match one of the principals listed in
the certificate, of course.

This role is applied to all machines, via the `base.yml` playbook.
Certificates issued by the user CA managed by SSHCA will therefore be
trusted everywhere.  This brings us one step closer to eliminating the
dependency on Active Directory/Samba.

2024-02-01 18:46:40 -06:00

1 Commits (5ddda0eae3221b7410c91153fa6c3351fe8ec514)