May 26, 2018
Use the OpenPGP web of trust to verify ssh connections
SSH key-based authentication is tried-and-true, but it lacks a true Public Key Infrastructure for key certification, revocation and expiration. Monkeysphere is a framework that uses the OpenPGP web of trust for these PKI functions. It can be used in both directions for users to get validated host keys, and for hosts to authenticate users.