| ▲ | longislandguido 2 hours ago | |
This discussion is full of schizo solutions to "secure" SSH, most of which make no practical sense or have no technical basis. There really needs to be a definitive best practices guide published by a trusted authority. | ||
| ▲ | kackerlacker 7 minutes ago | parent [-] | |
In my view it is more important to stop using software keys so probably use sk (fido) for both host and user.. From there CAs would be a next step.. The level of documentation and example setups is astoundingly poor if you even look at step 2 for any feature. I.e. SK keys are reasonably understood for user keys but the setup as host keys is vague and needs testing to see if it really works. | ||