| layout | auto-doc | ||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| category | reference | ||||||||||||||||||||
| title | step ssh | ||||||||||||||||||||
| menu |
|
step ssh -- create and manage ssh certificates
step ssh <subcommand> [arguments] [global-flags] [subcommand-flags]
step ssh command group provides facilities to sign SSH certificates.
Generate a new SSH key pair and user certificate:
$ step ssh certificate joe@work id_ecdsaGenerate a new SSH key pair and host certificate:
$ step ssh certificate --host internal.example.com ssh_host_ecdsa_keyAdd a new user certificate to the agent:
$ step ssh login joe@example.comRemove a certificate from the agent:
$ step ssh logout joe@example.comList all keys in the agent:
$ step ssh listConfigure a user environment with the SSH templates:
$ step ssh configInspect an ssh certificate file:
$ step ssh inspect id_ecdsa-cert.pubInspect an ssh certificate in the agent:
$ step ssh list --raw joe@example.com | step ssh inspectList all the hosts you have access to:
$ step ssh hostsLogin into one host:
$ ssh internal.example.com| Name | Usage |
|---|---|
| certificate | sign a SSH certificate using the SSH CA |
| check-host | checks if a certificate has been issued for a host |
| config | configures ssh to be used with certificates |
| fingerprint | print the fingerprint of an SSH public key or certificate |
| hosts | returns a list of all valid hosts |
| inspect | print the contents of an ssh certificate |
| list | list public keys known to the ssh agent |
| login | adds a SSH certificate into the authentication agent |
| logout | removes a private key from the ssh-agent |
| needs-renewal | Check if an SSH certificate needs to be renewed |
| proxycommand | proxy ssh connections according to the host registry |
| rekey | rekey a SSH certificate using the SSH CA |
| renew | renew a SSH certificate using the SSH CA |
| revoke | revoke a SSH certificate using the SSH CA |