search for: rr_hostname

Hi, I don't see any way to view the details of a certificate once it is generated. Having such a capability would be very handy for debugging purposes to check what constraints, principals, and validity interval are associated with a given cert. -- Iain Morgan

...for sign: " + error("Too few arguments for verify: " "missing allowed keys file"); exit(1); } @@ -3686,14 +3743,19 @@ main(int argc, char **argv) exit(1); } return sig_verify(ca_key_path, cert_principals, - cert_key_id, identity_file, rr_hostname, - opts, nopts); + cert_key_id, identity_files, nidentity_files, + rr_hostname, opts, nopts); } error("Unsupported operation for -Y: \"%s\"", sign_op); usage(); /* NOTREACHED */ } + /* All other operations accept only a single keyfile */ + if (n...

Hello, I'm currently evaluating using `ssh-keygen -Y verify` to check OS artifacts (e.g. packages) and I noticed that the `-f allowed_signers_file` option can be passed only once. A side remark: technically it can be passed multiple times without a warning but the last invocation overrides all previous ones. Tested using: $ ssh-keygen -Y verify -f allowed_signers -f /dev/null -n file -s

...#39;v': if (log_level == SYSLOG_LEVEL_INFO) log_level = SYSLOG_LEVEL_DEBUG1; @@ -1221,6 +1363,8 @@ printf("Can only have one of -p and -c.\n"); usage(); } + if (sign_host_key) + do_sign_host_key(pw); if (delete_host || hash_hosts || find_host) do_known_hosts(pw, rr_hostname); if (print_fingerprint || print_bubblebabble) Index: ssh_config.5 =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh_config.5,v retrieving revision 1.97 diff -u -r1.97 ssh_config.5 --- ssh_config.5 27 Jul 2006 08:00:50 -0000 1.97 +++ ssh_config...