thr3ads.net - openssh unix dev - pkcs #11/hardware support for server keys/sshd? [Dec 2016]

If this information is useful, please help other people find it:
Share via:

Kenny Simpson

2016-Dec-13 19:00 UTC

pkcs #11/hardware support for server keys/sshd?

Hello,
  Is there any support (existing or planned) for host keys/certs being
managed by some hardware device (tpm,hsm,etc..) instead of a flat
file?

thanks,
-Kenny

Alon Bar-Lev

2016-Dec-13 19:29 UTC

head link

pkcs #11/hardware support for server keys/sshd?

On 13 December 2016 at 21:00, Kenny Simpson <theonetruekenny at gmail.com>
wrote:> Hello,
>   Is there any support (existing or planned) for host keys/certs being
> managed by some hardware device (tpm,hsm,etc..) instead of a flat
> file?
man ssh
search for PKCS#11

Kenny Simpson

2016-Dec-13 19:31 UTC

head link

pkcs #11/hardware support for server keys/sshd?

I see support for client (ssh/ssh_config), but not server (sshd/sshd_config).

-Kenny


On Tue, Dec 13, 2016 at 2:29 PM, Alon Bar-Lev <alon.barlev at gmail.com>
wrote:> On 13 December 2016 at 21:00, Kenny Simpson <theonetruekenny at
gmail.com> wrote:
>> Hello,
>>   Is there any support (existing or planned) for host keys/certs being
>> managed by some hardware device (tpm,hsm,etc..) instead of a flat
>> file?
>
> man ssh
> search for PKCS#11

Mike Tancsa

2016-Dec-14 19:44 UTC

head link

pkcs #11/hardware support for server keys/sshd?

On 12/13/2016 2:00 PM, Kenny Simpson wrote:> Hello,
>   Is there any support (existing or planned) for host keys/certs being
> managed by some hardware device (tpm,hsm,etc..) instead of a flat
> file?
Not sure if this is what you are after ?

http://www.tancsa.com/mdtblog/?p=73

	---Mike


-- 
-------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike at sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada   http://www.tancsa.com/

Kenny Simpson

2016-Dec-15 06:45 UTC

head link

pkcs #11/hardware support for server keys/sshd?

yes, I found this after getting clued into HostKeyAgent.
Any updates since the post, or has it Just Worked ever since?

thanks,
-Kenny


On Wed, Dec 14, 2016 at 2:44 PM, Mike Tancsa <mike at sentex.net>
wrote:> On 12/13/2016 2:00 PM, Kenny Simpson wrote:
>> Hello,
>>   Is there any support (existing or planned) for host keys/certs being
>> managed by some hardware device (tpm,hsm,etc..) instead of a flat
>> file?
>
> Not sure if this is what you are after ?
>
> http://www.tancsa.com/mdtblog/?p=73
>
>         ---Mike
>
>
> --
> -------------------
> Mike Tancsa, tel +1 519 651 3400
> Sentex Communications, mike at sentex.net
> Providing Internet services since 1994 www.sentex.net
> Cambridge, Ontario Canada   http://www.tancsa.com/

Possibly Parallel Threads

Search for more reasonably related threads

openssh unix dev - Dec 2016 - pkcs #11/hardware support for server keys/sshd?

pkcs #11/hardware support for server keys/sshd?

pkcs #11/hardware support for server keys/sshd?

pkcs #11/hardware support for server keys/sshd?

pkcs #11/hardware support for server keys/sshd?

pkcs #11/hardware support for server keys/sshd?

Possibly Parallel Threads