mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-14 18:47:01 +02:00
f4f0412b6a
* Convert documentation titles to sentense case * Docker, Google, Foundry, Cloud proper case
37 lines
1.2 KiB
Plaintext
37 lines
1.2 KiB
Plaintext
---
|
|
layout: docs
|
|
page_title: SSH - Secrets Engines
|
|
description: |-
|
|
The Vault SSH secrets engine provides secure authentication and authorization
|
|
for access to machines via the SSH protocol. There are two modes to the Vault
|
|
SSH secrets engine including signed SSH certificates and one-time passwords.
|
|
---
|
|
|
|
# SSH secrets engine
|
|
|
|
Name: `ssh`
|
|
|
|
The Vault SSH secrets engine provides secure authentication and authorization
|
|
for access to machines via the SSH protocol. The Vault SSH secrets engine helps
|
|
manage access to machine infrastructure, providing several ways to issue SSH
|
|
credentials.
|
|
|
|
The Vault SSH secrets engine supports the following modes. Each mode is
|
|
individually documented on its own page.
|
|
|
|
- [Signed SSH Certificates](/vault/docs/secrets/ssh/signed-ssh-certificates)
|
|
- [One-time SSH Passwords](/vault/docs/secrets/ssh/one-time-ssh-passwords)
|
|
|
|
All guides assume a basic familiarity with the SSH protocol.
|
|
|
|
## Removal of dynamic keys feature
|
|
|
|
Per [Vault 1.12's deprecation notice page](/vault/docs/v1.12.x/deprecation),
|
|
the dynamic keys functionality of this engine has been removed in Vault 1.13.
|
|
|
|
## API
|
|
|
|
The SSH secrets engine has a full HTTP API. Please see the
|
|
[SSH secrets engine API](/vault/api-docs/secret/ssh) for more
|
|
details.
|