It's not if you don't bother with strict host checking.  There is plenty of argument of whether that's a bad thing since it removes one of the 3 pillars of the cert validation.

On Sun, Sep 15, 2019 at 11:28 AM Stephen Partington <cryptworks@gmail.com> wrote:
There are options that can be built without needing an actual DNS. I don't recall it being a requirement.

On Sun, Sep 15, 2019 at 11:12 AM Seabass <PrivateSeaBass@pm.me> wrote:
Is anyone familiar with using a Certificate to authorize SSH users instead of Public private keys exchanges?

I read an article on it, and I'm having trouble seeing if and how home users that don't own a domain could use it, rather than corporate entities with a set domain.

Q: Can home networks also use CAs for SSH? If so, how?---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss


--
A mouse trap, placed on top of your alarm clock, will prevent you from rolling over and going back to sleep after you hit the snooze button.

Stephen

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss


--
James McPhee
jmcphe@gmail.com