mirror of
https://github.com/smallstep/certificates.git
synced 2024-10-31 03:20:16 +00:00
3e6137110b
This adds a new KMS, SSHAgentKMS, which is a KMS to provide signing keys for issuing ssh certificates signed by a key managed by a ssh-agent. It uses the golang.org/x/crypto package to get a native Go implementation to talk to a ssh-agent. This was primarly written to be able to use gpg-agent to provide the keys stored in a YubiKeys openpgp interface, but can be used for other setups like proxying a ssh-agent over network. That way the signing key for ssh certificates can be kept in a "sign-only" hsm. This code was written for my employer Intinor AB, but for simplicity sake gifted to me to contribute upstream. Signed-off-by: Anton Lundin <glance@acc.umu.se> |
||
|---|---|---|
| .. | ||
| images | ||
| acme.md | ||
| cas.md | ||
| CONTRIBUTING.md | ||
| database.md | ||
| defaults.md | ||
| docker.md | ||
| GETTING_STARTED.md | ||
| kms.md | ||
| provisioners.md | ||
| questions.md | ||
| README.md | ||
| revocation.md | ||
Step Certificates Documentation
Note: Much of our documentation has moved
Index of Documentation and Tutorials for using and deploying the step certificates.
Table of Contents
- General Info
- Website
- Installation Guide
- Getting Started: in depth guide on getting started
with
step-ca, including all configuration options. - Contributor's Guide
- Sane Defaults: default algorithms and attributes used in cryptographic primitives and why they were selected.
- Frequently Asked Questions
- Check out our Blog. We post quality educational content as well as periodic updates on new releases.
- API: Guides to using the API via the
stepCLI.- Revoking Certificates
- Persistence Layer: description and guide to using
step certificates' persistence layer for storing certificate management metadata.
- Tutorials: Guides for deploying and getting started with
stepin various environments.