Flexible, secure SSH with DNSSEC
The blog discusses the use of DNSSEC in managing public keys for SSH access. With OpenSSH version 6.2 and later, remote hosts can retrieve public keys in a customized way instead of relying on the authorized_keys file in the ~/.ssh/ directory. This feature allows users to store their public keys in DNS records, which can be verified using DNSSEC. The author demonstrates how to use this method by storing Alice and Bob's respective public keys as TXT records in a domain example.com. They also provide instructions on configuring the SSH server to retrieve these keys from DNS records securely.
Company
Cloudflare
Date published
Jan. 13, 2016
Author(s)
Etienne Labaume
Word count
1158
Language
English
Hacker News points
31