https://github.com/lowply/ssh-ca
SSH certificate authentication example in a container
https://github.com/lowply/ssh-ca
Last synced: 3 months ago
JSON representation
SSH certificate authentication example in a container
- Host: GitHub
- URL: https://github.com/lowply/ssh-ca
- Owner: lowply
- Created: 2021-01-22T12:30:17.000Z (over 4 years ago)
- Default Branch: main
- Last Pushed: 2021-01-22T12:31:25.000Z (over 4 years ago)
- Last Synced: 2025-03-15T07:07:17.951Z (3 months ago)
- Language: Makefile
- Size: 1000 Bytes
- Stars: 2
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# ssh-ca
SSH certificate authentication example in a container.
## Roles
- Local: CA
- Container: Client
## Step 1: Getting ready as a CA
At local
```
ssh-keygen -t ed25519 -C [email protected] -f ca
```
Upload `ca.pub` to GitHub.com.
## Step 2: Getting ready as a user
At local
```
make build
make run
```
In the container
```
mkdir ~/.ssh
ssh-keygen -t ed25519
```
## Step 3: Sign the public key
At local
```
ssh-keygen \
-O extension:[email protected]=lowply \
-s ca \
-V '+1d' \
-I lowply \
./client/.ssh/id_ed25519.pub
```
To add the `source-address` option:
```
-O source-address=127.0.0.1
```
## Step 4: Test the connection
In the container
```
ssh [email protected]
```
## Further reading
- [SSH certificate authentication for GitHub Enterprise Cloud - The GitHub Blog](https://github.blog/2019-08-14-ssh-certificate-authentication-for-github-enterprise-cloud/)
- [About SSH certificate authorities - GitHub Docs](https://docs.github.com/en/github/setting-up-and-managing-organizations-and-teams/about-ssh-certificate-authorities)