I'm deploying hundreds/thousands of small servers that communicate with my hosted mothership via HTTPS and ssh.
What are the best practices for managing SSL client certs (for https) and ssh keys, when either might need to be revoked? I'm thinking about issues like distributing keys/certs on change, managing revocation, when an individual ssh key is needed vs a shared one...
Generate the key on the client, save the keypair in a SQLite database (preferably encrypted), transmit the public key to the server via web-methods, and save it there.
Since it's a public key, you can transmit and save it unencrypted.
(Optionally generate a key on the server and send the public key back to the client)
When a key needs to be revoked, you simply delete the respective keys on the server.
For thousands of servers you might consider using an Enterprise product like Venafi Encryption Director: http://www.venafi.com/Products/Venafi-Encryption-Director/ It is quote expensive though so you'll have to determine if it is worth it.
There are also free products (http://www.kousec.com/download.html) that have similar functions but they aren't nearly as robust.
精彩评论