step ssh config – configures ssh to be used with certificates
step ssh config
[–team=name] [–host] [–set=
[–dry-run] [–roots] [–federation]
step ssh config configures SSH to be used with certificates. It also supports flags to inspect the root certificates used to sign the certificates.
This command uses the templates defined in step-certificates to set up user and hosts environments.
- Configures a SSH server instead of a client.
- The team
nameused to bootstrap the environment.
urlstep queries to retrieve initial team configuration. Only used with the –team option. If the url contains “<>” placeholders, they are replaced with the team name.
- Prints the public keys used to verify user or host certificates.
- Prints all the public keys in the federation. These keys are used to verify user or host certificates
key=valueused as a variable in the templates. Use the flag multiple times to set multiple variables.
- Executes the command without changing any file.
URIof the targeted Step Certificate Authority.
- The path to the PEM
fileused as the root certificate authority.
- Creates a certificate without contacting the certificate authority. Offline mode uses the configuration, certificates, and keys created with step ca init, but can accept a different configuration file using ‘–ca-config`’ flag.
pathto the certificate authority configuration file. Defaults to $STEPPATH/config/ca.json
- -f, –force
- Force the overwrite of files without asking.
Print the public keys used to verify user certificates:
$ step ssh config --roots
Print the public keys used to verify host certificates:
$ step ssh config --host --roots
Apply configuration templates on the user system:
$ step ssh config
Apply configuration templates on a host:
$ step ssh config --host
Apply configuration templates with custom variables:
$ step ssh config --set User=joe --set Bastion=bastion.example.com