diff options
author | Lars Wirzenius <liw@liw.fi> | 2022-12-17 18:44:59 +0200 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2022-12-17 18:51:01 +0200 |
commit | e14f7f036c2ca424e37840daffdbc8c395b82685 (patch) | |
tree | b832106557feb71a2f7313591d521697cbb99b6e | |
parent | d012faa073ffbcf76d538cc4fe739bb7a3a386e8 (diff) | |
download | sshca-e14f7f036c2ca424e37840daffdbc8c395b82685.tar.gz |
docs: add a README
Sponsored-by: author
-rw-r--r-- | README.md | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/README.md b/README.md new file mode 100644 index 0000000..b87dd66 --- /dev/null +++ b/README.md @@ -0,0 +1,33 @@ +# sshca---SSH certificate management + +The `sshca` tool helps manage an SSH Certificate Authority ([SSH CA][]) and +create host and user certificates. Such certificates make using and +administering SSH less tedious and more secure. + +An SSH CA is an SSH key dedicated to signing, or certifying, other SSH +keys. Such a signed key is called a certificate and is used together +with the private part of the certified key. The certificate is used +instead of the public key. + +SSH clients and servers can be configured to trust certificates made +by one or more CA keys. This makes it possible for a client to trust a +server without asking the user to accept the host key for each new +server. A server can trust a client without having the client's public +key configured for that user in the `authorized_key` file. This +simplifies overall key management significantly, but requires creating +and managing CA keys and certificates. + +[SSH CA]: https://liw.fi/sshca + +See <https://sshca.liw.fi/> for more information about the tool. + +## Dependencies + +You need the following to run `./check` and build and run the +software: + +* the Rust toolchain: `cargo` and `rustc` and anything they need +* Python version 3 +* [Subplot](https://subplot.tech/) +* [Pandoc](https://pandoc.org/) +* pdflatex, such as from [TeXlive](https://tug.org/texlive/) |