Hi, We want to use openSSH for one of our project. But we need certificate exchange support. I have gone through the documentation. It says openSSH support key management but no mention of certificates. I have seen some people outside openSSH giving patches for supporting X.509 but not sure how stable are those patches. Is there a way that openSSH support certificates? Your guidance will help a lot. Thanks & Regards, -- Srinivas R Please do not print this email unless it is absolutely necessary. The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com
srinivas.ramana at wipro.com wrote:> Is there a way that openSSH support certificates?Not out of the box. See http://roumenpetrov.info/openssh/ //Peter
srinivas.ramana at wipro.com wrote:> Hi, > > We want to use openSSH for one of our project. But we need certificate exchange support. I have gone through the documentation. It says openSSH support key management but no mention of certificates. I have seen some people outside openSSH giving patches for supporting X.509 but not sure how stable are those patches.If you address issues similar to CVE-2008-5077 my patch for "X.509 certificate support in OpenSSH" is not impacted. The checks for return value from openssl functions is always performed and this is from first version. [SNIP] Roumen
> We want to use openSSH for one of our project. But we need certificate exchange support. I have gone through the documentation. It says openSSH support key management but no mention of certificates. I have seen some people outside openSSH giving patches for supporting X.509 but not sure how stable are those patches. > > Is there a way that openSSH support certificates? Your guidance will help a lot. >The OpenSSH in XtreemOS project (www.xtreemos.org) has been extended to support X509 certificates (also including the SSO via extended ForwardAgent mechanism). In its functionalities, certificate verification is first step to do authentication, and traditional authentication mechanisms are following. XtreemOS is open source, you can download what you need. Best Regards, Ian
Maybe Matching Threads
- Announce: X.509 certificates support v7.0 for OpenSSH version 5.9p1
- Announce: X.509 certificates support version 5.5.1 in OpenSSH 4.4p1
- Suggestion: Deprecate SSH certificates and move to X.509 certificates
- OpenSSH and X.509 Certificate Support
- Announce: X.509 certificates support v7.2 for OpenSSH version 6.0p1