
Centralized known_hosts for ssh - frioux
https://blog.afoolishmanifesto.com/posts/centralized-known-hosts-for-ssh/
======
Snawoot
OpenSSH supports server verification via certificates. So one can sign all his
installations with common trusted certificate and do not reinvent the wheel.
Certificate authentication may be applied both for client and server.

Related readings: [https://ef.gy/hardening-ssh](https://ef.gy/hardening-ssh)
[https://access.redhat.com/documentation/en-
us/red_hat_enterp...](https://access.redhat.com/documentation/en-
us/red_hat_enterprise_linux/6/html/deployment_guide/sec-
using_openssh_certificate_authentication)

