mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-23 15:41:07 +02:00
8aa6fa3a90
* Update the page description for SEO improvement * Update the description for SEO improvement * Update the description * Update website/content/docs/secrets/transform/ff3-tweak-details.mdx Co-authored-by: Jonathan Frappier <92055993+jonathanfrappier@users.noreply.github.com> * Fixing a typo * Incorporate review feedback --------- Co-authored-by: Jonathan Frappier <92055993+jonathanfrappier@users.noreply.github.com>
33 lines
1.1 KiB
Plaintext
33 lines
1.1 KiB
Plaintext
---
|
|
layout: docs
|
|
page_title: SSH secrets engine
|
|
description: >-
|
|
Securely access machines via the SSH protocol using the SSH secrets engine plugin. It supports signed SSH certificates and one-time password modes.
|
|
---
|
|
|
|
# SSH secrets engine
|
|
|
|
The Vault SSH secrets engine provides secure authentication and authorization
|
|
for access to machines via the SSH protocol. The Vault SSH secrets engine helps
|
|
manage access to machine infrastructure, providing several ways to issue SSH
|
|
credentials.
|
|
|
|
The Vault SSH secrets engine supports the following modes. Each mode is
|
|
individually documented on its own page.
|
|
|
|
- [Signed SSH Certificates](/vault/docs/secrets/ssh/signed-ssh-certificates)
|
|
- [One-time SSH Passwords](/vault/docs/secrets/ssh/one-time-ssh-passwords)
|
|
|
|
All guides assume a basic familiarity with the SSH protocol.
|
|
|
|
## Removal of dynamic keys feature
|
|
|
|
Per [Vault 1.12's deprecation notice page](/vault/docs/v1.12.x/deprecation),
|
|
the dynamic keys functionality of this engine has been removed in Vault 1.13.
|
|
|
|
## API
|
|
|
|
The SSH secrets engine has a full HTTP API. Please see the
|
|
[SSH secrets engine API](/vault/api-docs/secret/ssh) for more
|
|
details.
|