Displaying 1 result from an estimated 1 matches for "my_root_ca".
2005 Mar 02
1
PKI and SSH (cont.)
...to go...
I want SSHD to authenticate my users based upon the "Root
Certificate" of "My" PKI. (Say I set it up using: "CA.pl"
http://www.openssl.org/docs/apps/CA.pl.html)
If the client attempting to authenticate presents a certificate
that has been:
1. signed by My_Root_CA
2. is not expired
3. is not revoked
then SSHD will proceed with the authentication of the client.
If the "client user" gets Public/private keys + certificate from
some other CA (like DigSigTrust.com or Versign.com) the SSHD will
NOT authenticate because the certificate used was not si...