|
|
|
|
|
|
by mdriley
1945 days ago
|
|
|
Definitely not appropriate for protecting Real Infrastructure, but for my handful of personal machines I put my authorized keys in a Google Doc and configure hosts to download it using `AuthorizedKeysCommand`. Makes it easy to add and revoke hosts in one place, which also makes rotation possible. I have a hardware-backed "doomsday key" to use if the Google Doc stops working. Writeup and script at https://github.com/mmdriley/authorized_keys |
|
|
But still, surely there's a better way than relying on google not controlling your "key infrastructure", even for personal use?