Despite hating the confrontational tone of the title the article offers pretty good information, though personally I've never worked in environments where public key deployment would have been a...
Despite hating the confrontational tone of the title the article offers pretty good information, though personally I've never worked in environments where public key deployment would have been a bigger pain in the ass than setting up a custom CA or an SSO solution.
I mean, using certs for ssh is cool and all... But it doesn't solve the warnings on connect to a new host, whic the author considers problematic. Also, rekeying at scale is quite easy to do, for...
I mean, using certs for ssh is cool and all... But it doesn't solve the warnings on connect to a new host, whic the author considers problematic.
Also, rekeying at scale is quite easy to do, for ssh. It seems the author doesn't know about config management.
Despite hating the confrontational tone of the title the article offers pretty good information, though personally I've never worked in environments where public key deployment would have been a bigger pain in the ass than setting up a custom CA or an SSO solution.
I mean, using certs for ssh is cool and all... But it doesn't solve the warnings on connect to a new host, whic the author considers problematic.
Also, rekeying at scale is quite easy to do, for ssh. It seems the author doesn't know about config management.