| shameless plug: I've been tinkering with a tool to make SSH certificate-based login a bit easier. it's called Sshifu. basically, you set up a sshifu-server that acts as a certificate authority + SSO server. then on your SSH servers, you configure them to trust this CA (there are helper npx commands / bash scripts to make this easy). after that, for each user who wants access, they just run: npx sshifu <sshifu-server-url> <ssh-server-url> this starts the SSO login flow, sets up the CA public key if needed, and immediately opens an SSH session. npx is just the easiest way to get started, there are other install options too. I built this as a smaller alternative to Smallstep / Teleport. it's still very early and mostly vibe-coded, but it's already scratching my own itch. would love to hear what you guys think repo: github.com/azophy/sshifu |