SSH access is ubiquitous — It’s how engineers, scripts, and platforms across the world remotely administer Linux systems. That said, as teams and systems grow, managing access with static SSH keys becomes brittle and issues like key sprawl, unclear boundaries, and poor revocation hygiene start to emerge. SSH certificates offer an alternative approach to securing and managing access at scale.Documentation Index
Fetch the complete documentation index at: https://infisical-feat-gateway-connector.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
What is an SSH Certificate?
An SSH certificate is a short-lived, signed credential that proves a user or host’s identity. Unlike static SSH keys, which are distributed and managed manually, SSH certificates rely on a centralized certificate authority (CA) to vouch for identities. There are two types of SSH certificates:- User certificates: Issued to users to authenticate with remote hosts
- Host certificates: Issued to hosts so clients can verify they’re trusted
SSH with Infisical
Infisical SSH gives you a secure, scalable way to manage infrastructure access using SSH certificates — without the overhead of running your own certificate authority, wiring trust across hosts, or building issuance workflows from scratch. It replaces long-lived SSH keys with short-lived, identity-bound certificates and handles all the moving parts for you: operating CAs, configuring trust between users and hosts, and issuing certificates on demand. With Infisical SSH, you can register a host withinfisical ssh add-host, then connect with infisical ssh connect — that’s all it takes.
The result is centralized, auditable SSH access that’s easy to use and built to scale with your infrastructure.