FS#63919 - Allow SSH CAs as user keys
Attached to Project:
AUR web interface
Opened by Jonne Haß (MrZYX) - Wednesday, 25 September 2019, 17:33 GMT
Opened by Jonne Haß (MrZYX) - Wednesday, 25 September 2019, 17:33 GMT
|
Details
Rather than having to remember what all the places are when
rotating one's SSH keys or adding a new device, and rather
than copying one SSH key around everywhere, it could be more
convenient to just whitelist a SSH CA and have it sign any
new keys.
This should be fairly easy to implement by making cert-authority a valid prefix of the SSH key, which is then returned by git-auth. So for example allow to set cert-authority ssh-ed25519 AbTheCAsKeyGoesHere and return it exactly like that for the AuthorizedKeysCommand. |
This task depends upon