hashicorp · yhyakuna · Dec 18, 2024 · Dec 6, 2024 · Dec 6, 2024 · Dec 6, 2024
@@ -1,16 +1,12 @@
 ---
 layout: docs
-page_title: SSH - Secrets Engines
-description: |-
-  The Vault SSH secrets engine provides secure authentication and authorization
-  for access to machines via the SSH protocol. There are two modes to the Vault
-  SSH secrets engine including signed SSH certificates and one-time passwords.
+page_title: SSH secrets engine
+description: >-
+  Securely access machines via the SSH protocl using the SSH secrets engine plugin. It supports signed SSH certificates and one-time password modes.
 ---
 
 # SSH secrets engine
 
-Name: `ssh`
-
 The Vault SSH secrets engine provides secure authentication and authorization
 for access to machines via the SSH protocol. The Vault SSH secrets engine helps
 manage access to machine infrastructure, providing several ways to issue SSH

@@ -1,16 +1,14 @@
 ---
 layout: docs
-page_title: One-Time SSH Passwords (OTP) - SSH - Secrets Engines
-description: |-
-  The One-Time SSH Password (OTP) SSH secrets engine type allows a Vault server
-  to issue a One-Time Password every time a client wants to SSH into a remote
-  host using a helper command on the remote host to perform verification.
+page_title: One-time SSH passwords
+description: >-
+  Issue a one-time password every time a client connects to a remote machine via SSH using a helper command on the host to perform verification.
 ---
 
-# One-Time SSH passwords
+# One-time SSH passwords
 
 The One-Time SSH Password (OTP) SSH secrets engine type allows a Vault server to
-issue a One-Time Password every time a client wants to SSH into a remote host
+issue a one-time password every time a client wants to SSH into a remote host
 using a helper command on the remote host to perform verification.
 
 An authenticated client requests credentials from the Vault server and, if

@@ -1,15 +1,8 @@
 ---
 layout: docs
-page_title: Signed SSH Certificates - SSH - Secrets Engines
+page_title: Signed SSH certificates
 description: >-
-  The signed SSH certificates is the simplest and most powerful in terms of
-
-  setup complexity and in terms of being platform agnostic. When using this
-
-  type, an SSH CA signing key is generated or configured at the secrets engine's
-  mount.
-
-  This key will be used to sign other SSH keys.
+  Generate an SSH CA signing key with the SSH secrets engine to securely connect to a remote machine.
 ---
 
 # Signed SSH certificates

@@ -1,14 +1,13 @@
 ---
 layout: docs
-page_title: FF3-1 Tweak Usage Documentation
-description: |-
-  Details and best practices for FF3-1 transform usage. 
+page_title: FF3-1 tweak usage documentation
+description: >-
+  Follow the best practices for using the FF3-1 algorithm when performing format preserving encryption (FPE) with the transform secrets engine. 
 ---
-# FF3-1 tweak usage documentation
 
-## Introduction 
+# FF3-1 tweak usage documentation
 
-The Vault Transform Secrets Engine uses the FF3-1 algorithm for FPE 
+The Vault's transform secrets engine uses the FF3-1 algorithm for FPE 
 (format preserving encryption) transformations. The key benefit of format
 preserving encryption schemes is that it allows for the secure encryption 
 of plaintexts over small domain spaces [1]. However, this comes with 

@@ -1,8 +1,8 @@
 ---
 layout: docs
-page_title: Transform - Secrets Engines
+page_title: Transform secrets engine
 description: >-
-  The Transform secrets engine for Vault performs secure data transformation.
+  Perform secure data transformation and tokenization with the transform secrets engine plugin.
 ---
 
 # Transform secrets engine

@@ -1,8 +1,8 @@
 ---
 layout: docs
-page_title: Transform - Secrets Engines - Tokenization
+page_title: Tokenization transform
 description: >-
-  More information on the Tokenization transform.
+  Perform data tokenization with the transform secrets engine. It increases the irreversibility of the highly sensitive data.
 ---
 
 # Tokenization transform

@@ -1,9 +1,8 @@
 ---
 layout: docs
-page_title: Transit - Secrets Engines
+page_title: Transit secrets engine
 description: >-
-  The transit secrets engine for Vault encrypts/decrypts data in-transit. It
-  doesn't store any secrets.
+  Encrypt and decrypt data in-transit with the transit secrets engine plugin. It provides "encryption as a service" and does not store the data itself.
 ---
 
 # Transit secrets engine

@@ -1,8 +1,8 @@
 ---
 layout: docs
-page_title: Key Wrapping for Transit Key Import - Transit - Secrets Engines
-description: |-
-  Details about wrapping keys for import into the transit secrets engine.
+page_title: Key wrapping for transit key import
+description: >-
+  Import the externally generated encryption key into the transit secrets engine and use that to encrypt/decrypt data in-transit.
 ---
 
 # Key wrapping for transit key import