Based on our record, Smallstep Certificates should be more popular than Smallstep SSH. It has been mentiond 10 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
Through a combination of the properties that are in an SSH certificate and configuration on the hosts, you'll be able to realize RBAC. If you're using the open source step-ca, this will require you to configure things yourself on the hosts. We also have an offering where this capability and management/auditing of the rules is hosted for you, which makes that specific part easier: https://smallstep.com/sso-ssh/. Source: 11 months ago
Just a little heads up https://smallstep.com/certificates/. Source: about 1 year ago
Step-ca: Not web based, but the CLI is pretty user friendly: https://smallstep.com/certificates/. Source: over 1 year ago
I was just looking at https://smallstep.com/certificates a few days ago. It looks like they have an operator that fits your description as well as example docs for setting up inter-microservice mtls. Source: over 1 year ago
In the quick search I learned about Ssh cert authority which looks very manual and also like a dead project Smallstep's step-ca who put together very nice article about how to begin certificate authority process Netflix' BLESS is AWS only Cashier which also looks quite ok. Source: almost 2 years ago
If you want something a little fancier (I.e. Get automatic certs with all that ACME goodness) check out SmallStep. This is next on my list of homelab projects. Source: over 2 years ago
Keystash.io - Centralized Linux user and SSH key management software
BastionXP - BastionXP Identity Based Infrastructure Access Platform is a Public Key Infrastructure (PKI) / Certificate Authority (CA) that creates, signs and distributes SSH, SSL X.509 certificates to servers and users upon successful SSO login via OAuth or SAML
OneLogin - On-demand SSO, directory integration, user provisioning and more
PKI.js - PKIjs is a pure JavaScript library implementing the formats that are used in PKI applications (signing, encryption, certificate requests, OCSP and TSP requests/responses). It is built on WebCrypto (Web Cryptography API) and requires no plug-ins.
strongDM - Trust strongDM to manage an engineers access to everything
OpenXPKI - OpenXPKI is a software stack that provides all necessary components to manage keys and certificates...