diff --git a/capsulflask/templates/about-ssh.html b/capsulflask/templates/about-ssh.html index d1bc749..ea81d87 100644 --- a/capsulflask/templates/about-ssh.html +++ b/capsulflask/templates/about-ssh.html @@ -261,15 +261,16 @@ Host key verification failed.
- So what are technologists to do? Most cloud providers don't "provide" a secure and reliable way to get the SSH host public keys
+ So what are technologists to do? Most cloud providers don't "provide" an easy way to get the SSH host public keys
for instances that users create on thier platform. For example, see this
question posted by a frustrated user trying to secure thier connection to a digitalocean droplet.
- Besides using the provider's HTTPS-based console to log into the machine & directly read the public key, most of the time,
- providers recommend using a "userdata script", which runs when the machine boots, to upload the machine's SSH public keys to a
- trusted location, like Backblaze B2 or
- Amazon S3[1] storage for later retrieval by users.
+ Besides using the provider's HTTPS-based console to log into the machine & directly read the public key,
+ providers also recommend using a "userdata script".
+ This script would run on boot & to upload the machine's SSH public keys to a
+ trusted location like Backblaze B2 or
+ Amazon S3[1], for an application to retrieve later.
As an example, I wrote a
userdata script which does this