Marc Chua marcchua

## Vault-ssh-ca-README.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                marcchua
                / Vault-ssh-ca-README.md
            
            
              Created
              March 5, 2021 13:52
                — forked from kawsark/Vault-ssh-ca-README.md
            
              
                A guide for configuring Vault's SSH-CA
              
          
    SSH CA use-case with Vault

In this scenario we are going to set up Vault to sign SSH keys using an internal CA. We will configure the SSH secrets engine and create a CA within Vault. We will then configure an SSH server to trust the CA key we just created. Finally we will attempt to SSH using a private key, and a public key signed by Vault SSH CA.
Prerequisites


This guide assumes you have already provisioned a Vault server, SSH host using OpenSSH server, and a SSH client machine.
The client system must be able to reach the Vault server and the OpenSSH server.
We will refer to these systems respectively as:
VAULT_SERVER


## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                marcchua
                / keybase.md
            
            
              Created
              December 4, 2018 14:33
            
          
    Keybase proof

I hereby claim:

I am marcchua on github.
I am mchua (https://keybase.io/mchua) on keybase.
I have a public key ASCPvgDNqn3swO6eC7PPpDnsEt-v_x9NCQyHn4CYHlFJ3Qo

To claim this, I am signing this object: