Closed GavinFrazar closed 1 year ago
I don't think this is a regression or an issue, we always connect to the root proxy and "tsh proxy ssh" requests a proxy subsystem that routes the connection to the correct cluster. Previous versions (v9-v12) generate the same config.
Closing as working as designed.
Expected behavior:
tsh config
should generate a config file that properly configures ssh client certificate fileCurrent behavior: When logged into a leaf cluster, my ssh cert is at
keys/<root-proxy>/gavin-ssh/<leaf-cluster>-cert.pub
buttsh config
specifiesCertificateFile: "...*snip*.../<root-cluster>-cert.pub"
in the ssh config it generates for leaf cluster hosts.Example:
Bug details: