NAME

step ssh – create and manage ssh certificates

USAGE

step ssh subcommand [arguments] [global-flags] [subcommand-flags]

DESCRIPTION

step ssh command group provides facilities to sign SSH certificates.

EXAMPLES

Generate a new SSH key pair and user certificate:

$ step ssh certificate joe@work id_ecdsa

Generate a new SSH key pair and host certificate:

$ step ssh certificate --host internal.example.com ssh_host_ecdsa_key

Add a new user certificate to the agent:

$ step ssh login joe@example.com

Remove a certificate from the agent:

$ step ssh logout joe@example.com

List all keys in the agent:

$ step ssh list

Configure a user environment with the SSH templates:

$ step ssh config

Inspect an ssh certificate file:

$ step ssh inspect id_ecdsa-cert.pub

Inspect an ssh certificate in the agent:

$ step ssh list --raw joe@example.com | step ssh inspect

List all the hosts you have access to:

$ step ssh hosts

Login into one host:

$ ssh internal.example.com

COMMANDS

certificatesign a SSH certificate using the the SSH CA
configconfigures ssh to be used with certificates
loginadds a SSH certificate into the authentication agent
logoutremoves a private key from the ssh-agent
inspectprint the contents of an ssh certificate
listlist public keys known to the ssh agent
fingerprintprint the fingerprint of an SSH public key or certificate
proxycommandproxy ssh connections according to the host registry
check-hostchecks if a certificate has been issued for a host
hostsreturns a list of all valid hosts
renewrenew a SSH certificate using the SSH CA
revokerevoke a SSH certificate using the SSH CA
rekeyrekey a SSH certificate using the SSH CA