Displaying 2 results from an estimated 2 matches for "host_certif".
Did you mean:
host_cert
2012 Nov 21
1
HostKey in hardware?
Hi,
Is there any way to store HostKey in hardware (and delegate the related
processing)?
I have been using Roumen Petrov's x509 patch for clients, which works via an
OpenSSL engine, but it does not seem to support server HostKey:
http://roumenpetrov.info/pipermail/ssh_x509_roumenpetrov.info/2012q4/000019.html
For PKCS#11, I have found an email on this list from a year back suggesting
this
2013 Jun 25
1
RFC: encrypted hostkeys patch
...structure. The idea is that this structure could be locked into memory so
@@ -206,6 +210,7 @@ struct {
Key *server_key; /* ephemeral server key */
Key *ssh1_host_key; /* ssh1 host key */
Key **host_keys; /* all private host keys */
+ Key **host_pubkeys; /* all public host keys */
Key **host_certificates; /* all public host certificates */
int have_ssh1_key;
int have_ssh2_key;
@@ -652,11 +657,18 @@ privsep_preauth(Authctxt *authctxt)
} else if (pid != 0) {
debug2("Network child is on pid %ld", (long)pid);
+ auth_conn = ssh_get_authentication_connection();
+
pmonitor-&...