
Cloudflare: Public keys are not enough for SSH security - tosh
https://blog.cloudflare.com/public-keys-are-not-enough-for-ssh-security/
======
donalhunt
The first section of the article doesn't clarify that losing track of your
private keys is a bad thing (infers private and public keys are the same).

Saying that, I'm a big fan of the design Cloudflare are doing here and it
greatly limits the attack surface. There are however other ways of doing this
but I suspect CF's approach will get more traction due to the lower setup
cost.

