Ask HN: How does your organisation manage employee SSH keys?
I've seen a variety of approaches, ranging from
* manually deployed by an infra team in response to JIRA tickets
* checked into a repo and deployed with saltstack, along with a cronjob to sync with G-Suite so that keys would be automatically removed when people left
* SSO integration through AWS systems manager
What have you seen tried? What worked well, what didn't?
1 comment
[ 3.0 ms ] story [ 12.7 ms ] threadSo weather you're a Linux shop or a Windows shop, you get a single interface where disabling a user account disables the users keys.
[1] https://www.freeipa.org/page/Main_Page