Displaying 3 results from an estimated 3 matches for "rlkebjpon2".
2014 Dec 17
0
[Bug 1872] Support better hash algorithms for key fingerprints (FIPS compat)
...ssh, and a -E flag to
ssh-add, ssh-agent and ssh-keygen. Fingerprints are now prefixed with
the hash algorithm used and non-MD5 hashes use base64 encoding rather
than hex. The default fingerprint algorithm is SHA256.
Examples:
> ssh-keygen -vlf /etc/ssh/ssh_host_rsa_key.pub
> 2048 SHA256:rLKEbjpoN2+kuMQB7EiPqaeHut65ZfSe/z1EaWtKEmk /etc/ssh/ssh_host_rsa_key.pub (RSA)
> +---[RSA 2048]----+
> | |
> |. |
> |.o . . |
> |= + . E + |
> |.= . . S . o . |
> |o ...... . . + |
> |o++ =o.. o + |
> |=*+=++. . ... |
>...
2015 Jun 02
3
OpenSSH Linux portable patch proposal
Dear OpenSSH Developers,
I would like to propose a patch to OpenSSH for Linux. In the recent few
months, I have encountered a scenario where a PAM module used for
authentication in SSH should be informed about the previous successful
authentication methods. I described the complete scenario here:
2015 Jun 03
30
[Bug 2408] New: Expose authentication information to PAM
...the loaded PAM modules when
PAM authentication is used (typically the last method in the chain).
E.g. sshd could set a PAM environment variable that holds the useful
information, like this:
SSH_USER_AUTH=hostbased RSA
SHA256:Iw75Ex+Re8WyIjqHEukxHtwz2weTFTBLPD2J9doYEfU, publickey CA
ED25519 SHA256:rLKEbjpoN2+kuMQB7EiPqaeHut65ZfSe/z1EaWtKEmk Cert ID
djm at mindrot.org Serial 27908739, password
This way, a smart PAM stack could make decisions based upon the
previously successful authentication methods and/or the supplied
credentials. For example, one might want to invoke different PAM
modules when the u...