Hi,

we are looking into improving our user identity and access management for SSH access by implementing SSH certificate based authentication using Hashicorp Vault as the certificate authority. This way we could use our centralized user user credentials to give short-lived ssh access, without having to worry about distributing each user's ssh keys to all hosts and managing their lifecycles.

Similarly we would like to use SSH host certificates to ensure that our users can have confidence that they are connecting to the correct hosts and won't have to deal with host fingerprints and TOFU decisions.

Sadly RouterOS doesn't support either of these currently, so I'm opening this thread as a feature request.