step ssh
Name
step ssh -- create and manage ssh certificates
Usage
step ssh <subcommand> [arguments] [global-flags] [subcommand-flags]
Description
step ssh command group provides facilities to sign SSH certificates.
Examples
Generate a new SSH key pair and user certificate:
$ step ssh certificate joe@work id_ecdsa
Generate a new SSH key pair and host certificate:
$ step ssh certificate --host internal.example.com ssh_host_ecdsa_key
Add a new user certificate to the agent:
$ step ssh login joe@example.com
Remove a certificate from the agent:
$ step ssh logout joe@example.com
List all keys in the agent:
$ step ssh list
Configure a user environment with the SSH templates:
$ step ssh config
Inspect an ssh certificate file:
$ step ssh inspect id_ecdsa-cert.pub
Inspect an ssh certificate in the agent:
$ step ssh list --raw joe@example.com | step ssh inspect
List all the hosts you have access to:
$ step ssh hosts
Login into one host:
$ ssh internal.example.com
Commands
| Name | Usage | 
|---|---|
| certificate | sign a SSH certificate using the SSH CA | 
| check-host | checks if a certificate has been issued for a host | 
| config | configures ssh to be used with certificates | 
| fingerprint | print the fingerprint of an SSH public key or certificate | 
| hosts | returns a list of all valid hosts | 
| inspect | print the contents of an ssh certificate | 
| list | list public keys known to the ssh agent | 
| login | adds a SSH certificate into the authentication agent | 
| logout | removes a private key from the ssh-agent | 
| needs-renewal | Check if an SSH certificate needs to be renewed | 
| proxycommand | proxy ssh connections according to the host registry | 
| rekey | rekey a SSH certificate using the SSH CA | 
| renew | renew a SSH certificate using the SSH CA | 
| revoke | revoke a SSH certificate using the SSH CA |