My ssh keys are oldMany times I had the Idea to replace them and cleanup. Put the approach feels old not intuitive and i’m affraid of problems.
How do you manage keys and get sure they do ot get to old.
My ssh keys are oldMany times I had the Idea to replace them and cleanup. Put the approach feels old not intuitive and i’m affraid of problems.
How do you manage keys and get sure they do ot get to old.
Wouldn’t automation based on your approach be really easy? Like correct me if I’m wrong, but I assume you just need a chron job executing ssh-keygen on your localhost, adding the new pub to ansible, rolling out and removing the old, right?
It’s possible but I haven’t felt the need, and it’s another thing that can go wrong. If I think my key may have been compromised I have much bigger problems. I should assume my whole machine is pwned and trojan’d, so I should replace the disk and reinstall everything.
I can see some benefit in using a special token to hold the key instead of just generating it on my laptop. One of these days.