Displaying 6 results from an estimated 6 matches for "revoked_keys".
2019 Sep 13
2
revoking ssh-cert.pub with serial revokes also younger certs
...l Options: (none)
??????? Extensions:
??????????????? permit-X11-forwarding
??????????????? permit-agent-forwarding
??????????????? permit-port-forwarding
??????????????? permit-pty
??????????????? permit-user-rc
Now i try to revoke this certificate with
ssh-keygen -s ../user_ca.pub -kf /etc/ssh/revoked_keys -z 17
id_user_rsa-cert.pub
The serial is 1 less the serial of my created certificate
Check, if my certificate is valid
root at host # ssh-keygen -Qf /etc/ssh/revoked_keys id_user_rsa-cert.pub
id_user_rsa-cert.pub (test on myhost - created by ansible (1564358942)):
REVOKED
Why? I thougt, when i...
2014 Nov 14
2
[Bug 2313] New: Corrupt KRL file when using multiple CA.
...ug3: parse_revoked_certs: subsection type 0x20
buffer_get_string_ptr: bad string length 268032
parse_revoked_certs: buffer error
Invalid KRL, refusing public key authentication
I generated the KRL using two textfiles containing
multiple serial: <serial> lines like this:
ssh-keygen -k -u -f revoked_keys.bin -s ca1.pub revoked_keys1
ssh-keygen -k -u -f revoked_keys.bin -s ca2.pub revoked_keys2
I have tried to remove the revoked_keys.bin and generate a new one
without success. I even tried revoking from ca2 first and then ca1..
--
You are receiving this mail because:
You are watching the assignee...
2020 Aug 28
2
[Bug 3204] New: Enable user-relative revoked keys files
https://bugzilla.mindrot.org/show_bug.cgi?id=3204
Bug ID: 3204
Summary: Enable user-relative revoked keys files
Product: Portable OpenSSH
Version: 8.1p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at
2018 Sep 06
4
Some wishes regarding revoked keys
...et's
suppose it is unique), or key hash SHA256:KdBh..., and no other kind of
hash is known.
The SHA256 hash is useless, because (at least according to the
documentation) "ssh-keygen -k" only accepts SHA1 hashes. So let's try
the ID.
echo 'id: user' | ssh-keygen -k -f revoked_keys -s ca /dev/stdin
OK, after transferring the result to the server and setting the
RevokedKeys option in sshd_config, it works. But, as an admin, I would
also like to revoke the key itself (not only the certificate) where I
can. And I don't have any information to do so - is it because my wis...
2019 Sep 16
2
revoking ssh-cert.pub with serial revokes also younger certs
...t;> ??????????????? permit-agent-forwarding
>> ??????????????? permit-port-forwarding
>> ??????????????? permit-pty
>> ??????????????? permit-user-rc
>>
>>
>> Now i try to revoke this certificate with
>>
>> ssh-keygen -s ../user_ca.pub -kf /etc/ssh/revoked_keys -z 17
>> id_user_rsa-cert.pub
>>
>> The serial is 1 less the serial of my created certificate
>>
>> Check, if my certificate is valid
>>
>> root at host # ssh-keygen -Qf /etc/ssh/revoked_keys id_user_rsa-cert.pub
>> id_user_rsa-cert.pub (test on myhos...
2023 Oct 20
0
[PATCH] Clean up the regress directory with make clean
...+ rm -f regress/allowed_signers
+ rm -f regress/authkeys_orig
+ rm -f regress/command
+ rm -f regress/data.2
+ rm -f regress/done
+ rm -f regress/expect_*
+ rm -f regress/host.sk-ssh-ed25519 at openssh.com
+ rm -f regress/host_*
+ rm -f regress/revoked_keys
+ rm -f regress/sigca-key
+ rm -f regress/sigca-key.pub
+ rm -f regress/sk-ssh-ed25519 at openssh.com*
+ rm -f regress/ssh-ed25519*
+ rm -f regress/ssh_output
+ rm -f regress/ssh_proxy.bak
+ rm -f regress/sshd-log-wrapper.sh
+ rm -f regress/sshd_confi...