search for: sig_principal

Displaying 2 results from an estimated 2 matches for "sig_principal".

2025 Apr 29
1
Multiple allowed signer files in `ssh-keygen -Y verify`
...hsig.sh +++ b/sshsig.sh @@ -6,7 +6,7 @@ tid="sshsig" DATA2=$OBJ/${DATANAME}.2 cat ${DATA} ${DATA} > ${DATA2} -rm -f $OBJ/sshsig-*.sig $OBJ/wrong-key* $OBJ/sigca-key* +rm -f $OBJ/sshsig-*.sig $OBJ/wrong-key* $OBJ/sigca-key* $OBJ/allowed_signers* sig_namespace="test-$$" sig_principal="user-$$@example.com" @@ -66,11 +66,22 @@ for t in $SIGNKEYS; do $hashalg_arg < $DATA > $sigfile 2>/dev/null || \ fail "sign using $t / $h failed" (printf "$sig_principal " ; cat $pubkey) > $OBJ/allowed_signers + echo "" > $OBJ/a...
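Review bot: in the second hunk, the added `echo "" > $OBJ/a...` writes a file containing a single newline, not a zero-length file. If the test needs a truly empty file, `: > file` would express that. If a blank-line file is the intended case, a short comment saying so would make the purpose clear to later readers. The target name is cut off in this excerpt, so the intent cannot be read from the visible lines.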
2025 Apr 23
1
Multiple allowed signer files in `ssh-keygen -Y verify`
Hello, I'm currently evaluating using `ssh-keygen -Y verify` to check OS artifacts (e.g. packages) and I noticed that the `-f allowed_signers_file` option can be passed only once. A side remark: technically it can be passed multiple times without a warning but the last invocation overrides all previous ones. Tested using: $ ssh-keygen -Y verify -f allowed_signers -f /dev/null -n file -s