/plushcap/analysis/cloudflare/flexible-secure-ssh-with-dnssec

Flexible, secure SSH with DNSSEC

What's this blog post about?

The blog discusses the use of DNSSEC in managing public keys for SSH access. With OpenSSH version 6.2 and later, remote hosts can retrieve public keys in a customized way instead of relying on the authorized_keys file in the ~/.ssh/ directory. This feature allows users to store their public keys in DNS records, which can be verified using DNSSEC. The author demonstrates how to use this method by storing Alice and Bob's respective public keys as TXT records in a domain example.com. They also provide instructions on configuring the SSH server to retrieve these keys from DNS records securely.

Company
Cloudflare

Date published
Jan. 13, 2016

Author(s)
Etienne Labaume

Word count
1158

Language
English

Hacker News points
31


By Matt Makai. 2021-2024.