open-vault/website/source/docs/secrets/ssh/index.html.md

---
layout: "docs"
page_title: "SSH Secret Backend"
sidebar_current: "docs-secrets-ssh"
description: |-
  The Vault SSH secret backend provides secure authentication and authorization
  for access to machines via the SSH protocol. There are multiple modes to the
  Vault SSH backend including signed SSH certificates, dynamic SSH keys, and
  one-time passwords.
---

# SSH Secret Backend

Name: `ssh`

The Vault SSH secret backend provides secure authentication and authorization
for access to machines via the SSH protocol. The Vault SSH backend helps manage
access to machine infrastructure, providing several ways to issue SSH
credentials.

The Vault SSH secret backend supports the following modes. Each mode is
individually documented on its own page.

- [Signed SSH Certificates](/docs/secrets/ssh/signed-ssh-certificates.html)
- [One-time SSH Passwords](/docs/secrets/ssh/one-time-ssh-passwords.html)
- [Dynamic SSH Keys](/docs/secrets/ssh/dynamic-ssh-keys.html) <sup>DEPRECATED</sup>

All guides assume a basic familiarity with the SSH protocol.

## API

The SSH secret backend has a full HTTP API. Please see the
[SSH secret backend API](/api/secret/ssh/index.html) for more
details.
Vault SSH: Website doc v1. Removed path_echo 2015-08-12 16:25:28 +00:00			`---`
			`layout: "docs"`
Update titles 2017-03-17 18:37:01 +00:00			`page_title: "SSH Secret Backend"`
Vault SSH: Website doc v1. Removed path_echo 2015-08-12 16:25:28 +00:00			`sidebar_current: "docs-secrets-ssh"`
			`description: \|-`
Break SSH types into their own pages (#3157) @jefferai and I discussed this on Friday. With three fully-documented SSH backends, the page is lengthy, ungreppable, and intimidating. This commit separates the SSH backends into their own pages with as little text changes as possible. 2017-08-14 14:49:41 +00:00			`The Vault SSH secret backend provides secure authentication and authorization`
			`for access to machines via the SSH protocol. There are multiple modes to the`
			`Vault SSH backend including signed SSH certificates, dynamic SSH keys, and`
			`one-time passwords.`
Vault SSH: Website doc v1. Removed path_echo 2015-08-12 16:25:28 +00:00			`---`

			`# SSH Secret Backend`

			Name: `ssh`

Break SSH types into their own pages (#3157) @jefferai and I discussed this on Friday. With three fully-documented SSH backends, the page is lengthy, ungreppable, and intimidating. This commit separates the SSH backends into their own pages with as little text changes as possible. 2017-08-14 14:49:41 +00:00			`The Vault SSH secret backend provides secure authentication and authorization`
			`for access to machines via the SSH protocol. The Vault SSH backend helps manage`
			`access to machine infrastructure, providing several ways to issue SSH`
			`credentials.`
Vault SSH: Documentation update and minor refactoring changes. 2015-08-18 01:22:03 +00:00
Break SSH types into their own pages (#3157) @jefferai and I discussed this on Friday. With three fully-documented SSH backends, the page is lengthy, ungreppable, and intimidating. This commit separates the SSH backends into their own pages with as little text changes as possible. 2017-08-14 14:49:41 +00:00			`The Vault SSH secret backend supports the following modes. Each mode is`
			`individually documented on its own page.`
Vault SSH: Documentation update and minor refactoring changes. 2015-08-18 01:22:03 +00:00
Break SSH types into their own pages (#3157) @jefferai and I discussed this on Friday. With three fully-documented SSH backends, the page is lengthy, ungreppable, and intimidating. This commit separates the SSH backends into their own pages with as little text changes as possible. 2017-08-14 14:49:41 +00:00			`- [Signed SSH Certificates](/docs/secrets/ssh/signed-ssh-certificates.html)`
			`- [One-time SSH Passwords](/docs/secrets/ssh/one-time-ssh-passwords.html)`
			`- [Dynamic SSH Keys](/docs/secrets/ssh/dynamic-ssh-keys.html) <sup>DEPRECATED</sup>`
Vault SSH: Website page for SSH backend 2015-08-14 19:41:26 +00:00
Break SSH types into their own pages (#3157) @jefferai and I discussed this on Friday. With three fully-documented SSH backends, the page is lengthy, ungreppable, and intimidating. This commit separates the SSH backends into their own pages with as little text changes as possible. 2017-08-14 14:49:41 +00:00			`All guides assume a basic familiarity with the SSH protocol.`
docs: Elaborate the steps for SSH CA backend with 'sshd_config' changes (#2507) 2017-03-19 22:52:15 +00:00
Vault SSH: Website page for SSH backend 2015-08-14 19:41:26 +00:00			`## API`

Break out API documentation for secret backends 2017-03-09 02:47:35 +00:00			`The SSH secret backend has a full HTTP API. Please see the`
/docs/http -> /api 2017-03-17 18:06:03 +00:00			`[SSH secret backend API](/api/secret/ssh/index.html) for more`
Break out API documentation for secret backends 2017-03-09 02:47:35 +00:00			`details.`