About policies for security settings in your enterprise
You can enforce policies to control the security settings for organizations owned by your enterprise on GitHub AE. By default, organization owners can manage security settings. For more information, see "Keeping your organization secure."
Managing allowed IP addresses for organizations in your enterprise
You can restrict network traffic to your enterprise on GitHub AE. For more information, see "Restricting network traffic to your enterprise."
Managing SSH certificate authorities for your enterprise
You can use a SSH certificate authorities (CA) to allow members of any organization owned by your enterprise to access that organization's repositories using SSH certificates you provide. You can require that members use SSH certificates to access organization resources, unless SSH is disabled in your repository. For more information, see "About SSH certificate authorities."
When you issue each client certificate, you must include an extension that specifies which GitHub AE user the certificate is for. For more information, see "About SSH certificate authorities."
Adding an SSH certificate authority
If you require SSH certificates for your enterprise, enterprise members should use a special URL for Git operations over SSH. For more information, see "About SSH certificate authorities."
-
In the top-right corner of GitHub AE, click your profile photo, then click Enterprise settings.
-
In the enterprise account sidebar, click Settings.
-
In the left sidebar, click Security.
-
To the right of "SSH Certificate Authorities", click New CA.
-
Under "Key," paste your public SSH key.
-
Click Add CA.
-
Optionally, to require members to use SSH certificates, select Require SSH Certificates, then click Save.
Deleting an SSH certificate authority
Deleting a CA cannot be undone. If you want to use the same CA in the future, you'll need to upload the CA again.
-
In the top-right corner of GitHub AE, click your profile photo, then click Enterprise settings.
-
In the enterprise account sidebar, click Settings.
-
In the left sidebar, click Security.
-
Under "SSH Certificate Authorities", to the right of the CA you want to delete, click Delete.
-
Read the warning, then click I understand, please delete this CA.