Last Updated: November 21, 2025
Focus Areas
| Focus |
|---|
Enable SSH secret engine
|
Stamp each lease with context
|
Commands & Queries
vault write ssh/roles/internal key_type=ca
Define role
vault write ssh/creds/internal ip=10.0.0.1
Issue creds
vault lease revoke
Revoke
Summary
Dynamic SSH reduces standing credentials.
💡 Pro Tip:
Revoke leases when incidents arise.