Aside from downloading the .pub file and manually importing it on hosts, is there a better way I could import the certificate on individual hosts? Were I to eventually implement foreman at work, having to SSH to the server itself each time we’re adding a new host wouldn’t work well.
There is already a snippet “remote_execution_ssh_keys” included in the provisioning template that will do the work for you, so if you provision your systems with Foreman it should be ready to accept jobs after provision finished successfully.
The snippet could also be used in other templates except from job templates, but this should not be a problem as it is for setting up jobs. If you simply want to execute it manually you can go on the preview of the template and copy&paste it to the console.
Setting this up after provisioning without a root access or at least a user with sudo rules already in place is a pain. But you can also use the user with sudo to run jobs by using the settings in Foreman.
What I did once in the past at a customer where I had no puppet to do the configuration and only had my personal account with ssh key and sudo rules already deployed, was to configure Foreman to use my account for job execution until I had successfully run a job creating a new user rex at all systems and then change the configuration to use this user instead.