Allow to specify the key type on step ssh commands

[maraino]

Description

Add flags --kty, --crv, and --size in step ssh commands to be able to create different type of keys and certificates.

Right now there's a workaround using the --sign.

Why this is needed

Some users have asked for this https://github.com/smallstep/certificates/discussions/569

[dopey]

Also, add to step ssh login and step ssh proxycommand.

[dopey]

https://github.com/smallstep/cli/issues/293

[jhult]

It would be nice to have this for step ca provisioner add my-new-provisioner --ssh --create as well. Not sure if we should track that in this issue or another.

Alternatively, using a more modern default (see smallstep/certificates#581) would be a good first step (e.g. --kty=OKP --curve=ed25519).

[DavidBoman]

It would also be nice to have the possibility to specify defaults for kty, crv etc. in defaults.json for a smooth user experience!

[dopey]

@DavidBoman if I understand your comment correctly, once these flags are added to step ssh commands we'll be able to use gather them from defaults.json as well. The code that parses the flags checks that file for values as part of the parsing process.

[dopey]

@jhult I'm a bit confused by your comment - apologies that it's taken a literal year to respond.

step ca provisioner add xxx --ssh --create will add a new JWK provisioner enabled for SSH. It doesn't create any SSH keys. It does create a JWK pub / priv key pair.