search for: sshcakey

...I can use the new self-signed certificates So what I read in the man pages, it should be something like: client: 1) ssh-keygen -f ca_rsa # generate a ssh keypair for use as a certificate Server(s): 2) make sure your /etc/ssh/sshd_config has TrustedUserCAKeys assigned TrustedUserCAKeys /etc/ssh/sshcakeys # or whatever name or location you like 3) edit /etc/ssh/sshcakeys and add the contents of ca_rsa.pub in it Client: 4) for a user generate a certificate of its public key ssh-keygen -s ca_rsa -I keyid -n user id_rsa.pub This will generate an id_rsa-cert.pub certificate file Client: 5) s...