diff options
author | Lars Wirzenius <liw@liw.fi> | 2021-08-27 09:08:42 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2021-08-27 09:08:42 +0300 |
commit | fcd8540678f3619880438c95691ba32d1320873a (patch) | |
tree | 4071929ae7c3469adf9cbc09ce915a0f9f88c056 | |
parent | 31b4d0d57efe0acc0ae7323928b3adad3dbff398 (diff) | |
download | sshca-web-fcd8540678f3619880438c95691ba32d1320873a.tar.gz |
add some description of sshca tto the front page
Sponsored-by: author
-rw-r--r-- | index.mdwn | 17 |
1 files changed, 15 insertions, 2 deletions
@@ -4,9 +4,22 @@ [[Blog]] — [[License]] -sshca is a tool for managing an [SSH CA][]. +The `sshca` tool helps manage an SSH Certificate Authority ([SSH CA][]) and +create host and user certificates. Such certificates make using and +administering SSH less tedious and more secure. -This website will be filled out later. +An SSH CA is an SSH key dedicated to signing, or certifying, other SSH +keys. Such a signed key is called a certificate and is used together +with the private part of the certified key. The certificate is used +instead of the public key. + +SSH clients and servers can be configured to trust certificates made +by one or more CA keys. This makes it possible for a client to trust a +server without asking the user to accept the host key for each new +server. A server can trust a client without having the client's public +key configured for that user in the `authorized_key` file. This +simplifies overall key management significantly, but requires creating +and managing CA keys and certificates. [SSH CA]: https://liw.fi/sshca |