|
|
|
|
|
|
by metafunctor
2817 days ago
|
|
|
An alternative to host keys would be to use host certificates instead of keys. It's (a lot) more work to set up, but allows for flexible central management of authentication, plus also eliminates this issue with the known_hosts files. |
|
|
Teleport [0] should hopefully make it easier to use certificates.
An alternative implementation is Netflix’s Bless [1].
[0] https://github.com/gravitational/teleport
[1] https://github.com/Netflix/bless