From fcd8540678f3619880438c95691ba32d1320873a Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Fri, 27 Aug 2021 09:08:42 +0300 Subject: add some description of sshca tto the front page Sponsored-by: author --- index.mdwn | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/index.mdwn b/index.mdwn index 006e2b4..487bf08 100644 --- a/index.mdwn +++ b/index.mdwn @@ -4,9 +4,22 @@ [[Blog]] — [[License]] -sshca is a tool for managing an [SSH CA][]. +The `sshca` tool helps manage an SSH Certificate Authority ([SSH CA][]) and +create host and user certificates. Such certificates make using and +administering SSH less tedious and more secure. -This website will be filled out later. +An SSH CA is an SSH key dedicated to signing, or certifying, other SSH +keys. Such a signed key is called a certificate and is used together +with the private part of the certified key. The certificate is used +instead of the public key. + +SSH clients and servers can be configured to trust certificates made +by one or more CA keys. This makes it possible for a client to trust a +server without asking the user to accept the host key for each new +server. A server can trust a client without having the client's public +key configured for that user in the `authorized_key` file. This +simplifies overall key management significantly, but requires creating +and managing CA keys and certificates. [SSH CA]: https://liw.fi/sshca -- cgit v1.2.1 From 698b8df206aab1c9d55afd21040143d4d8054ff2 Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Fri, 27 Aug 2021 09:25:53 +0300 Subject: add first blog post Sponsored-by: author --- blog/2021/08/27/welcome.mdwn | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 blog/2021/08/27/welcome.mdwn diff --git a/blog/2021/08/27/welcome.mdwn b/blog/2021/08/27/welcome.mdwn new file mode 100644 index 0000000..8908385 --- /dev/null +++ b/blog/2021/08/27/welcome.mdwn @@ -0,0 +1,11 @@ +[[!meta date="Fri, 27 Aug 2021 09:09:46 +0300"]] +[[!meta title="Project start"]] + +I have in recent time learned about [SSH CA][] as a way to make use of +SSH more convenient, while making it more secure. However, while +managing an SSH CA instance with just the `ssh-keygen` tool is +possible, I want more convenient tooling. This project is about +developing such tooling. + +The `sshca` tool will be free and open source software, but I hope to +offer some paid-for training and support to those who can pay. -- cgit v1.2.1 From 94f6d58e4714df5f65f6daea615da284bac27309 Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Fri, 27 Aug 2021 09:29:43 +0300 Subject: tweak news list on front page to have timestamps Sponsored-by: author --- index.mdwn | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/index.mdwn b/index.mdwn index 487bf08..c89422e 100644 --- a/index.mdwn +++ b/index.mdwn @@ -26,6 +26,5 @@ and managing CA keys and certificates. # News
-[[!inline pages="page(blog/*)" - limit=5 template=titlepage archive=yes trail=no feeds=no]] +[[!inline pages="page(blog/*)" limit=5 archive=yes trail=no feeds=no]]
-- cgit v1.2.1