My ssh keys are old
Many times I had the idea to replace them and clean up. But the approach feels old and not intuitive, and I'm afraid of problems.
How do you manage keys and make sure they do not get too old?
I moved over to certificates a while ago.
https://smallstep.com/blog/use-ssh-certificates/
That’s a really interesting read, thanks for sharing
So what happens when the certificate expires? Do you get locked out if you don’t have physical access?
Re-gen the keys. In this environment, you would have PKI setup and automation to handle cert renewal.
Having the certs expire is an advantage, security-wise. Auth will expire with certs, stolen creds can be instantly invalidated.
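
Added example, not part of any reply in this thread: a sketch of the check a renewal job could run so a certificate is re-issued before it expires rather than after a lockout. It parses the `Valid:` line of `ssh-keygen -L` output; the sample listing, the function names and the two-hour renewal margin are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample of `ssh-keygen -L -f id_ed25519-cert.pub` output (not from the thread).
SAMPLE = """\
id_ed25519-cert.pub:
        Type: ssh-ed25519-cert-v01@openssh.com user certificate
        Key ID: "alice@example.com"
        Serial: 42
        Valid: from 2024-05-01T09:00:00 to 2024-05-01T17:00:00
        Principals:
                alice
"""

_TS = r"(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})"
# ssh-keygen prints one of: forever | from A to B | after A | before B
_VALID = re.compile(
    rf"^\s*Valid: (?:(forever)|from {_TS} to {_TS}|after {_TS}|before {_TS})\s*$",
    re.M,
)

def _parse(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S") if ts else None

def validity(listing):
    """Return (not_before, not_after); None means unbounded on that side."""
    m = _VALID.search(listing)
    if not m:
        raise ValueError("no 'Valid:' line found; is this ssh-keygen -L output?")
    _forever, start, end, after, before = m.groups()
    return _parse(start or after), _parse(end or before)

def status(listing, now, renew_before=timedelta(hours=2)):
    """Classify a certificate for a renewal job.

    `now` is a naive datetime in the same (assumed local) timezone as the listing.
    """
    not_before, not_after = validity(listing)
    if not_before and now < not_before:
        return "not-yet-valid"
    if not_after is None:
        return "no-expiry"  # behaves like a plain key: it never ages out
    if now >= not_after:
        return "expired"    # sshd rejects it; a new certificate is needed to log in
    if not_after - now <= renew_before:
        return "renew"      # still valid, so it can authenticate the renewal itself
    return "ok"

if __name__ == "__main__":
    print(status(SAMPLE, datetime(2024, 5, 1, 16, 0, 0)))
```

To use it on a real certificate, pass the text printed by `ssh-keygen -L -f <certificate file>` and `datetime.now()`.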