search for: certificatefiles

Hi All, Please pardon me if it is the wrong list to ask how-to etc. I am having an issue with the Signed SSH keys. I am being asked for the passphrase for my signed public key, even though I don't have any. I am running CentOS7 with OpenSSH_6.4p1, OpenSSL 1.0.1e-fips 11 Feb 2013. 1) I have ca server with ca user keys (ca-user-key.pub) 2) I created user ssh rsa keys (user-id-org and

https://bugzilla.mindrot.org/show_bug.cgi?id=2617 Bug ID: 2617 Summary: sign_and_send_pubkey: no separate private key for certificate Product: Portable OpenSSH Version: 7.3p1 Hardware: 68k OS: Mac OS X Status: NEW Severity: normal Priority: P5 Component: ssh

Some systems like to have a CA supply short-lived certificates to ssh clients. The basic idea is that servers enable certificate authentication, clients authenticate to the CA out of band, and the CA issues client certificates that are valid for a short enough time that users don't want to manually drop them into ~/.ssh or otherwise think about them. There are a handful of commercial

Hi, I have not found any way to use a Certificate with ssh-agent when my Key is stored on a pkcs11 device. I can add my key with ssh-add -s /usr/local/lib/opensc-pkcs11.so but ssh-add -s /usr/local/lib/opensc-pkcs11.so ~/.ssh/mykey-cert.pub does not add the certificate to my agent. As far as I undestand, in ssh-add.c line 580 if (pkcs11provider != NULL) { if (update_card(agent_fd,

Allow users to specify certificates to be used for authentication on the command line with the '-z' argument when running ssh. For successful authentication, the key pair associated with the certificate must also be presented during the ssh. Certificates may also be specified in ssh_config as a CertificateFile. This option is meant the address the issue mentioned in the following

On Tue, Mar 7, 2023, at 3:25 AM, Rory Campbell-Lange wrote: > On 07/03/23, Darren Tucker (dtucker at dtucker.net) wrote: >> On Tue, 7 Mar 2023 at 05:26, Andy Lutomirski <luto at kernel.org> wrote: >> [...] >> > ssh_config contains a Match ... exec [command to refresh the certificate]. >> > This sort of works, except that it runs the command far too

https://bugzilla.mindrot.org/show_bug.cgi?id=2436 Bug ID: 2436 Summary: Add ssh option to present certificates on command line Product: Portable OpenSSH Version: 6.9p1 Hardware: All OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee:

On 07/03/23, Darren Tucker (dtucker at dtucker.net) wrote: > On Tue, 7 Mar 2023 at 05:26, Andy Lutomirski <luto at kernel.org> wrote: > [...] > > ssh_config contains a Match ... exec [command to refresh the certificate]. > > This sort of works, except that it runs the command far too frequently. > > For example, ssh -O exit [name] refreshes the certificate, and it

https://bugzilla.mindrot.org/show_bug.cgi?id=3652 Bug ID: 3652 Summary: KnownHostsCommand should expand tokens and environment variables on first argument Product: Portable OpenSSH Version: 9.6p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5

https://bugzilla.mindrot.org/show_bug.cgi?id=3048 Bug ID: 3048 Summary: ssh reads from the wrong directory in user namespace Product: Portable OpenSSH Version: 7.9p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at

Hello, I decided to embrace getting a new Rails application to see an existing MSSQL database and trying to get unixODBC, freeTDS, and ActiveRecord able to query my MSSQL database. I''m following the procedure outlined at http://wiki.rubyonrails.org/rails/pages/HowtoConnectToMicrosoftSQLServerFromRailsOnLinux but my system (Ubuntu 8.10 - Intrepid Ibex, Rails 2.3, Ruby 1.8.7)

OpenSSH 7.2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. OpenSSH also includes transitional support for the legacy SSH 1.3 and 1.5 protocols that may be enabled at compile-time. Once again, we would like to thank the OpenSSH community

OpenSSH 8.4 has just been released. It will be available from the mirrors listed at https://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested

https://bugzilla.mindrot.org/show_bug.cgi?id=2642 Bug ID: 2642 Summary: [sshconnect2] publickey authentication only properly works if used first: pubkey_prepare doesn't work after pubkey_cleanup Product: Portable OpenSSH Version: 7.3p1 Hardware: amd64 OS: Linux Status:

Hi, OpenSSH 8.4p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a bugfix release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at

OpenSSH 7.2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. OpenSSH also includes transitional support for the legacy SSH 1.3 and 1.5 protocols that may be enabled at compile-time. Once again, we would like to thank the OpenSSH community

Hi, OpenSSH 7.2 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains many bugfixes and several new features. The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is available via Git at https://anongit.mindrot.org/openssh.git/ or via a mirror on Github at

https://bugzilla.mindrot.org/show_bug.cgi?id=3613 Bug ID: 3613 Summary: Unable to sign using certificates and PKCS#11 Product: Portable OpenSSH Version: 8.9p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh-keygen Assignee: