search for: clcert

...this is your *only* line of defense, it is brittle. A robustly secure system will overlap protection: strong hashes, password compliance systems, brute force countermeasures, file permissions/OS hardening, network origins vetting, anti-DoS measures, etc. Keep this picture in mind that I found on CLCERT https://www.clcert.cl/humor/img/weakest-link-road.jpg Joseph Tam <jtam.home at gmail.com>

...=== Outside of the above fix it would be wonderful if ssh-keygen could just import an entire x509 and spit out a complete openssh public & private key. Right now I do this with a script something like the following (i omitted the steps on cert validation etc) openssl pkcs12 -in cavanaug.p12 -clcerts -out id_rsa openssl x509 -in id_rsa -pubkey -noout > x pubkey2ssh x comment > id_rsa.pub Id love to just be able to do something directly with ssh-keygen -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are...