1. Proposed title of this feature request [RFE] Allow remote execution to use CA-issued SSH certificates 3. What is the nature and description of the request? The customer would like to use SSH certificates issued by their certificate authority, rather than SSH keys, for remote execution. 4. Why does the customer need this? (List the business requirements here) They believe that this approach will be more secure than using gpg keys. 5. How would the customer like to achieve this? (List the functional requirements here) Add fields under Administer > Settings > Remote Execution to specify the path to the SSH certificate, SSH certificate key and certificate authority bundle files. Add a check-mark box in the "Advanced fields" section of the "Schedule Remote Job" page to allow SSH keys to be used. Also add corresponding options to the hammer command, and to the REST API. 6. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented. . 7. Is there already an existing RFE upstream or in Red Hat Bugzilla? no 8. Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL8, RHEL9)? no 9. Is the sales team involved in this request and do they have any additional input? no 10. List any affected packages or components. ssh ansible(?) 11. Would the customer be able to assist in testing this functionality if implemented? .
> They believe that this approach will be more secure than using gpg keys. gpg keys? > Add fields under Administer > Settings > Remote Execution to specify the path to the SSH certificate, SSH certificate key and certificate authority bundle files. So there would be a single certificate, key and CA file for the *entire satellite*, shared accross organizations and so on? And when used, contents of those files would be sent over to the capsules?