JP MensSSH certificates: the better SSH experience
https://jpmens.net/2026/04/03/ssh-certificates-the-better-ssh-experience/
edit: I have clarified some of the examples and have incorporated most of your feedback for which many thanks!
Job Snijders@jpmens thank you for the write-up! This reminded me I had a todo item to start a "Call for WG Adoption" for the internet-draft that specifies the SSH certificate format! Now done :-) https://mailarchive.ietf.org/arch/msg/ssh/5WHJgASVjhX-ihyEx1Ats_1JaaY/
I wonder if any of your future posts will trigger todo items on my side haha
@jpmens Dear DP Mens, my name absolutely is not Rob.
@job a thousand excuses, and I cannot even blame autocorrect (vi doesn’t have it here). Also embarassing because I well know you’re Job.
Fixed and pushing as we speak!
@jpmens original Bill Joy vi or some of the modern variants that started appearing in the last 3 decades? I’m quite fond of the original that ships with openbsd 🙂
@job I should learn to say “vi - like”; I use whatever’s on the system, also vim obviously, but I’m not at all familiar with its “bolted-on operating system”, a.k.a. plugins. :)
@jpmens of course seasoned admins like yourself will improvise, adapt, and overcome! I turned my back on vim when upstream changed a color scheme I relied on. I realised I had no idea how to turn it back. Then I embraced openbsd vi, which doesn’t have colors, and there I added support for showing the name in the status bar of the file that’s currently being edited and added a percentage to the ruler to show how far you are into a file. Now it’s _nearly_ perfect 😉
Mischa 🐡😎