Camp++ 0x7e5

Bulding a DIY zero-trust SSH CA
2021-08-26, 17:20–17:50, Guyon

Managing SSH access in a secure and transparent manner without bloat


Most IT personnel have heard of SSH, some have even used it. A subset of those users use public key authentication, some of those keys might even come from hardware tokens. Yet not many know about CAs in the context of SSH. In this talk I'll show what (some of) the existing implementations could be used for and present my own FLOSS solution that can server as the basis of a zero-trust architecture for SSH access. Bring your own YubiKey!