You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We have a bunch of old network devices that we want to be accessible only through warpgate. We also use ansible to deploy config changes in batch.
It would be nice to be able to authenticate to warpgate using certificate authentication. In this way, we could use 2FA only once to get our public key signed with a short TTL (using Vault, for example) and use it to apply config changes to all devices via ansible.
Enabling this feature in openSSH is as easy as adding the TrustedUserCAKeys option pointing to a CA public key.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
We have a bunch of old network devices that we want to be accessible only through warpgate. We also use ansible to deploy config changes in batch.
It would be nice to be able to authenticate to warpgate using certificate authentication. In this way, we could use 2FA only once to get our public key signed with a short TTL (using Vault, for example) and use it to apply config changes to all devices via ansible.
Enabling this feature in openSSH is as easy as adding the TrustedUserCAKeys option pointing to a CA public key.
I think that it would be a worthy addition.
Beta Was this translation helpful? Give feedback.
All reactions