feat: v1.10.0, SSH CA works

2024-09-07 00:43:30 +08:00
parent cbf127a297
commit 61854b7abf
6 changed files with 65 additions and 22 deletions
--- a/README.md
+++ b/README.md
@@ -173,6 +173,29 @@ $ card-cli pgp-age-address
 [OK   ] Age address: age10l464vxcpnkjguctvylnmp5jg4swhncn4quda0qxta3ud8pycc0qeaj2te
 ```

+# SSH CA
+
+## Generate SSH root CA
+
+```shell
+card-cli ssh-pub-key --ca -s r15
+```
+
+Outputs:
+```
+cert-authority,principals="root" ecdsa-sha2-nistp384 AAAAE2VjZHNh****** Yubikey-PIV-R15
+```
+
+## Generate SSH user CA
+
+```shell
+ssh-keygen -f id_user
+
+card-cli ssh-piv-cert --pub id_user.pub -s r15
+
+ssh -i id_user root@example.com
+```
+

 <br><br>