search for: revoked_key

...l Options: (none) ??????? Extensions: ??????????????? permit-X11-forwarding ??????????????? permit-agent-forwarding ??????????????? permit-port-forwarding ??????????????? permit-pty ??????????????? permit-user-rc Now i try to revoke this certificate with ssh-keygen -s ../user_ca.pub -kf /etc/ssh/revoked_keys -z 17 id_user_rsa-cert.pub The serial is 1 less the serial of my created certificate Check, if my certificate is valid root at host # ssh-keygen -Qf /etc/ssh/revoked_keys id_user_rsa-cert.pub id_user_rsa-cert.pub (test on myhost - created by ansible (1564358942)): REVOKED Why? I thougt, when i...

...ug3: parse_revoked_certs: subsection type 0x20 buffer_get_string_ptr: bad string length 268032 parse_revoked_certs: buffer error Invalid KRL, refusing public key authentication I generated the KRL using two textfiles containing multiple serial: <serial> lines like this: ssh-keygen -k -u -f revoked_keys.bin -s ca1.pub revoked_keys1 ssh-keygen -k -u -f revoked_keys.bin -s ca2.pub revoked_keys2 I have tried to remove the revoked_keys.bin and generate a new one without success. I even tried revoking from ca2 first and then ca1.. -- You are receiving this mail because: You are watching the assigne...

https://bugzilla.mindrot.org/show_bug.cgi?id=3204 Bug ID: 3204 Summary: Enable user-relative revoked keys files Product: Portable OpenSSH Version: 8.1p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at

...et's suppose it is unique), or key hash SHA256:KdBh..., and no other kind of hash is known. The SHA256 hash is useless, because (at least according to the documentation) "ssh-keygen -k" only accepts SHA1 hashes. So let's try the ID. echo 'id: user' | ssh-keygen -k -f revoked_keys -s ca /dev/stdin OK, after transferring the result to the server and setting the RevokedKeys option in sshd_config, it works. But, as an admin, I would also like to revoke the key itself (not only the certificate) where I can. And I don't have any information to do so - is it because my wi...

...t;> ??????????????? permit-agent-forwarding >> ??????????????? permit-port-forwarding >> ??????????????? permit-pty >> ??????????????? permit-user-rc >> >> >> Now i try to revoke this certificate with >> >> ssh-keygen -s ../user_ca.pub -kf /etc/ssh/revoked_keys -z 17 >> id_user_rsa-cert.pub >> >> The serial is 1 less the serial of my created certificate >> >> Check, if my certificate is valid >> >> root at host # ssh-keygen -Qf /etc/ssh/revoked_keys id_user_rsa-cert.pub >> id_user_rsa-cert.pub (test on myho...

...+ rm -f regress/allowed_signers + rm -f regress/authkeys_orig + rm -f regress/command + rm -f regress/data.2 + rm -f regress/done + rm -f regress/expect_* + rm -f regress/host.sk-ssh-ed25519 at openssh.com + rm -f regress/host_* + rm -f regress/revoked_keys + rm -f regress/sigca-key + rm -f regress/sigca-key.pub + rm -f regress/sk-ssh-ed25519 at openssh.com* + rm -f regress/ssh-ed25519* + rm -f regress/ssh_output + rm -f regress/ssh_proxy.bak + rm -f regress/sshd-log-wrapper.sh + rm -f regress/sshd_conf...