Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for host key certificates #1662

Open
erbenson opened this issue Dec 19, 2022 · 0 comments
Open

Add support for host key certificates #1662

erbenson opened this issue Dec 19, 2022 · 0 comments
Assignees
@carloscabanero
Labels
feature Feature requested by users

Comments

@erbenson
Copy link

While blink supports SSH certificates on authentication keys. It appears to not support SSH certificates for host keys (known_hosts). With openssh you can place a CA in your known_hosts starting with @cert-authority <domain wildcard or *>

I tried editing the .ssh/known_hosts file in blink to add the @cert-authority but it was ignored.

Then any host with a certificate signed host key can login without having the specific host key in the known_hosts, and without the 'cache host key' prompt. All explained in detail at https://goteleport.com/blog/how-to-ssh-properly/
@erbenson erbenson added the bug Bug that's either related to Blink Shell or prevents the user to use the app in normal conditions. label Dec 19, 2022
@carloscabanero carloscabanero added feature Feature requested by users and removed bug Bug that's either related to Blink Shell or prevents the user to use the app in normal conditions. labels Mar 23, 2023
@carloscabanero carloscabanero self-assigned this Mar 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@carloscabanero carloscabanero

Labels
feature Feature requested by users
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@carloscabanero @erbenson