I would like to request support for SSH ca certificate. I would like the client to have option of trusted CAs and the client should trust host keys signed by the CA.
Here are some links on how that feature works.
www.digitalocean.com/community/tutorials...-clients-with-ubuntu
neocri.me/documentation/using-openssh-ce...cate-authentication/
We use SSH CA in workplace and its much more secure to trust the CA rather than just accept unknown host key when logging into a new machine for the first time.
Regards,