How to Set Up Centralized SSH Key Management

Option 1: SSH Certificate Authority (CA)

# On CA server
ssh-keygen -t ed25519 -f ca_key

Sign user keys:

ssh-keygen -s ca_key -I user@domain -n username -V +52w user_key.pub

Option 2: Using LDAP + SSSD

sudo apt install sssd-ldap
# Configure /etc/sssd/sssd.conf to fetch SSH keys from LDAP

Option 3: Using Teleport

wget https://get.gravitational.com/teleport-v12.0.0-linux-amd64-bin.tar.gz
sudo teleport configure

Option 4: Publish Keys via Ansible

# ansible-playbook -i inventory sync-ssh-keys.yml