Setting up an SSH CA with Vault

Even with modern tools, managing SSH access to hundreds of machines is daunting. At Pusher we use Hashicorp’s Vault as an SSH certificate authority, allowing us to manage ssh access from one central place. Vault makes signing SSH keys so easy that we were able to implement a self-serve mechanism for our engineers and do away with revocation lists entirely.

Read more on IT Ops Times.