by ReligiousFlames
3322 days ago
monkeysphere for personal ssh private keys stored in gpg chef and hashicorp vault

Another neat thing to deploy into dns is sshfp records so there's almost never ssh fingerprint verification prompts for deployed hosts. Alternatively, ssh host fingerprints can be deployed to LDAP.
For those wondering, [1] provides a bit of a background on SSHFP records. You can only skip host-key checking entirely if it's served with DNSSEC, although that might be easier if you're running internal DNS.
How do you have your system working? It's something I've fiddled with briefly, but ultimately gave up on for now.
[1] https://matoski.com/article/sshfp-dns-records/