Hacker News
by cwillu 697 days ago
ssh definitely supports PKI; it's just not the standard workflow for individuals

     ssh-keygen(1):

     ssh-keygen supports signing of keys to produce certificates that may be used for user or host authentication.
     Certificates consist of a public key, some identity information, zero or more principal (user or host) names and
     a set of options that are signed by a Certification Authority (CA) key.  Clients or servers may then trust only
     the CA key and verify its signature on a certificate rather than trusting many user/host keys.  Note that
     OpenSSH certificates are a different, and much simpler, format to the X.509 certificates used in ssl(8)

TIL about PKIX-SSH, OpenSSH + X.509.

https://gitlab.com/secsh/pkixssh

http://tech.ciges.net/blog/openssh-with-x509-certificates-ho...

Right now I'd stick with something like Gravitational Teleport (overkill); Warpgate may become the perfect fit for this niche soon.

https://github.com/warp-tech/warpgate

It's also worth knowing about SSH clients that can use X.509 certificate keys as normal pre-shared keys with any SSH server, like PuttyCAC and built-in for macOS High Sierra and later.

https://www.idmanagement.gov/implement/scl-ssh/

OpenBAO and Hashicorp Vault also have built-in support for SSH certs: https://openbao.org/docs/secrets/ssh/signed-ssh-certificates...
PKI, with I in bold quotation marks.

While it supports serial numbers, expiration dates and key revocation lists, it does not allow certificate chaining. That means whoever signs keys for end users has implicit access to the master key.

I'm not talking about supporting public key cryptography, I'm talking about having a specific and usable deployment of a PKI. The closest thing SSH has is SSHFP, which depends on DNSSEC, which is, according to many opinions, DOA.
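The ssh-keygen(1) workflow quoted in the first comment, and the serial numbers, expiry, KRL revocation and lack of chaining raised in the "PKI, with I in quotation marks" reply, as one added walkthrough. This is example code written for this page, not code from the thread or from OpenSSH itself. It assumes an OpenSSH ssh-keygen on PATH; every name in it (user-ca, intermediate, alice, alice@example, 10.0.0.0/8, the sshd_config paths) is made up for the example.

```shell
#!/bin/sh
# Added example (not from the HN posts or from OpenSSH): issue an OpenSSH user
# certificate with a CA key, check which key signed it, revoke it by serial
# number with a KRL, and show that a cert names exactly one signing key (no
# chain). Assumes ssh-keygen on PATH; all names below are hypothetical.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# A CA key, a would-be "intermediate" key, and the user's own key pair.
# Only alice.pub is ever sent to the CA; the private halves stay put.
make_keys() {
    ssh-keygen -q -t ed25519 -N "" -C "user-ca"      -f "$WORK/ca"
    ssh-keygen -q -t ed25519 -N "" -C "intermediate" -f "$WORK/inter"
    ssh-keygen -q -t ed25519 -N "" -C "alice laptop" -f "$WORK/alice"
}

# Sign a public key. The certificate carries that key, a key id (-I, logged
# by sshd), the principals it may log in as (-n), a serial (-z), a validity
# window (-V, here one hour from now) and options (-O). The signer's public
# key is embedded as "Signing CA". Output lands next to the input as
# <name>-cert.pub.
issue() {                         # issue SIGNER_PRIVKEY SERIAL PUBKEY
    ssh-keygen -q -s "$1" -I "alice@example" -n "alice,deploy" \
        -z "$2" -V +1h \
        -O source-address=10.0.0.0/8 -O no-port-forwarding "$3"
}

# Fingerprint on the certificate's "Signing CA:" line (ssh-keygen -L output).
signing_ca_of() {                 # signing_ca_of CERT
    ssh-keygen -L -f "$1" | awk '/Signing CA:/ { print $4 }'
}

# Fingerprint of a public key file, in the same SHA256:... form.
fingerprint_of() {                # fingerprint_of PUBKEY
    ssh-keygen -lf "$1" | awk '{ print $2 }'
}

# Principals listed in a certificate, comma-joined. In ssh-keygen -L output
# the "Critical Options:" header always follows the principal list.
principals_of() {                 # principals_of CERT
    ssh-keygen -L -f "$1" | awk '
        /Principals:/       { p = 1; next }
        /Critical Options:/ { p = 0 }
        p                   { print $1 }' | paste -s -d, -
}

# Revoke by serial number, scoped to the issuing CA (-s). The resulting KRL
# is what sshd's RevokedKeys directive points at.
revoke_serial() {                 # revoke_serial SERIAL
    printf 'serial: %s\n' "$1" > "$WORK/revoke.spec"
    ssh-keygen -k -f "$WORK/revoked.krl" -s "$WORK/ca.pub" "$WORK/revoke.spec"
}

# "ok" or "REVOKED" for a certificate checked against the KRL.
krl_status() {                    # krl_status CERT
    ssh-keygen -Q -f "$WORK/revoked.krl" "$1" | awk '{ print $NF }'
}

main() {
    make_keys
    issue "$WORK/ca" 42 "$WORK/alice.pub"            # -> alice-cert.pub
    ssh-keygen -L -f "$WORK/alice-cert.pub"

    # sshd accepts the cert only if "Signing CA" is one of its TrustedUserCAKeys.
    if [ "$(signing_ca_of "$WORK/alice-cert.pub")" = "$(fingerprint_of "$WORK/ca.pub")" ]; then
        echo "issuer check: signed by user-ca"
    else
        echo "issuer check: NOT signed by user-ca" >&2
        exit 1
    fi

    revoke_serial 42
    echo "after revoking serial 42: $(krl_status "$WORK/alice-cert.pub")"   # REVOKED

    # No chaining: a cert signed by "intermediate" names intermediate, not
    # user-ca, as its Signing CA, and the format has no field for a chain. A
    # server that trusts only ca.pub therefore cannot accept it; every signing
    # key must be listed in TrustedUserCAKeys directly.
    cp "$WORK/alice.pub" "$WORK/alice2.pub"
    issue "$WORK/inter" 43 "$WORK/alice2.pub"        # -> alice2-cert.pub
    echo "cert signed by intermediate names: $(signing_ca_of "$WORK/alice2-cert.pub")"
    echo "root CA fingerprint is:            $(fingerprint_of "$WORK/ca.pub")"
    echo "serial 43 against the KRL:         $(krl_status "$WORK/alice2-cert.pub")"   # ok

    # Server-side wiring (hypothetical paths, printed only, not applied):
    cat <<'EOF'
sshd_config:
    TrustedUserCAKeys /etc/ssh/user_ca.pub
    AuthorizedPrincipalsFile /etc/ssh/auth_principals/%u
    RevokedKeys /etc/ssh/revoked_keys.krl
EOF
}

if command -v ssh-keygen >/dev/null 2>&1; then main; else echo "ssh-keygen not found" >&2; fi
```

Host certificates are issued the same way with `-h` added to the signing command, and clients trust them with an `@cert-authority` line in known_hosts instead of TrustedUserCAKeys; the single "Signing CA" field is the same in both cases, which is the whole of what the format offers in place of a chain.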