open-vault/changelog/14008.txt at b74e4bc781e96beeb2c9cfacc1d57e5b6711caad - luxolus/open-vault - Stateless Git Forge

luxolus/open-vault

Alexander Scheel 3da261518b

Allow generation of other types of SSH CA keys (#14008 )

* Add generation support for other SSH CA key types

This adds two new arguments to config/ca, mirroring the values of PKI
secrets engine but tailored towards SSH mounts. Key types are specified
as x/crypto/ssh KeyAlgo identifiers (e.g., ssh-rsa or ssh-ed25519)
and respect current defaults (ssh-rsa/4096). Key bits defaults to 0,
which for ssh-rsa then takes a value of 4096.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add documentation on key_type, key_bits for ssh/config/ca

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

2022-02-15 14:14:05 -05:00

4 lines

88 B

Plaintext

Raw Blame History

	```release-note:improvement
	`secrets/ssh: Add support for generating non-RSA SSH CAs`
	```