Displaying 1 result from an estimated 1 matches for "versign".
Did you mean:
verisign
2005 Mar 02
1
PKI and SSH (cont.)
...ing to authenticate presents a certificate
that has been:
1. signed by My_Root_CA
2. is not expired
3. is not revoked
then SSHD will proceed with the authentication of the client.
If the "client user" gets Public/private keys + certificate from
some other CA (like DigSigTrust.com or Versign.com) the SSHD will
NOT authenticate because the certificate used was not signed by:
My_Root_CA"
Can OpenSSH do this??
If not, I do not want the client user to be able to install his own
public keys. Can I put a list of accepted public keys somewhere else
(like: /etc/ssh/authorized_keys...