You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
step-ca supports SSHAgentKMS (for SSH keys only; not for X.509), but we don't have a section in the Configuration docs for it. Here's the previous documentation, which needs to be fleshed out:
SSHAgentKMS
SSHAgentKMS is a KMS that wraps a ssh-agent which has access to the keys to
sign ssh certificates. This was primarily written to be able to use gpg-agent
to provide the keys stored in a YubiKeys openpgp interface.
step-casupports SSHAgentKMS (for SSH keys only; not for X.509), but we don't have a section in the Configuration docs for it. Here's the previous documentation, which needs to be fleshed out:SSHAgentKMS
SSHAgentKMS is a KMS that wraps a ssh-agent which has access to the keys to
sign ssh certificates. This was primarily written to be able to use gpg-agent
to provide the keys stored in a YubiKeys openpgp interface.
{ "kms": { "type": "sshagentkms" }, "ssh": { "hostKey": "sshagentkms:cardno:000123456789", "userKey": "sshagentkms:cardno:000123456789", }, ... }This KMS requires that "root", "crt" and "key" are stored in plain files, as for
SoftKMS.
The text was updated successfully, but these errors were encountered: