similar to: OpenSSH support for X.509 certificates?

Displaying 20 results from an estimated 100000 matches similar to: "OpenSSH support for X.509 certificates?"

2012 May 25
2
Announce: X.509 certificates support v7.2 for OpenSSH version 6.0p1
Dear All, X.509 certificates support for OpenSSH version 6.0p1 was published. I brief new version include : - support for Android platform; - engine implementation is now considered stable; - various regression test improvements including fixes for OpenSSL FIPS enabled 1.0.1 stable release and korn shell Yours sincerely, Roumen Petrov -- Get X.509 certificates support in OpenSSH:
2006 Apr 27
0
Announce: X.509 certificates support in OpenSSH version 5.4
Hi All, The version 5.4 of "X.509 certificates support in OpenSSH" is ready for download. On download page http://roumenpetrov.info.localhost/openssh/download.html#get_-5.4 you can found diffs for OpenSSH versions 4.2p1 and 4.3p2. What's new: * given up support for "x509v3-sign-rsa-sha1" and "x509v3-sign-dss-sha1" The implementation realised in previous
2008 Mar 13
0
[Fwd: Re: OpenSSH and X.509 Certificate Support]
Hi Roumen, I discovered that the need of appending the .pub part of id_rsa(client key+cert) on the server can be eliminated by adding the Certificate Blob to authorized_keys which could look something like this: x509v3-sign-rsa subject= /C=FR/ST=PARIS/L=DESEl/O=SSL/OU=VLSI/CN=10.244.82.83/emailAddress=client at company.com This is extracted from the client certificate using openssl as
2003 Jan 30
0
X.509 certificates support in OpenSSH - version f is ready
Hi all, I have pleasure to announce new version f of "X.509 certificates support in OpenSSH" Please to update your bookmarks/favorites with new location: http://roumenpetrov.info/openssh Old location is available too: http://satva.skalasoft.com/~rumen/openssh What's new: * support "Certificate Revocation Lists" (CRLs) * ssh-keyscan can show hostkey with
2006 Sep 30
1
Announce: X.509 certificates support version 5.5.1 in OpenSSH 4.4p1
Hi All, The version 5.5.1 of "X.509 certificates support in OpenSSH" is ready for download. On download page http://roumenpetrov.info.localhost/openssh/download.html#get_-5.5.1 you can found diff for OpenSSH versions 4.4p1. What's new: * specific diff of 5.5 for OpenSSH 4.4p1 Because of OpenSSH source code changes, like include statements and new server option
2007 Aug 07
0
Announce: X.509 certificates support in OpenSSH (version 6.0-International)
Today, I released a new version of "X.509 certificates support in OpenSSH" ( http://roumenpetrov.info/openssh/ ). Version 6.0 add following enhancements: - Printable X.509 name attributes compared in UTF-8 Printable attributes are converted to utf-8 before to compare. This allow distinguished name in "authorized keys" file to be in UTF-8. - "Distinguished Name"
2004 Apr 07
0
Announce: X.509 certificates support in OpenSSH(version h-Validator)
I'm pleased to announce that the version "h"(code-name Validator) of "X.509 certificates support in OpenSSH" is now available for immediate download at http://roumenpetrov.info/openssh. Features: * "x509v3-sign-rsa" and "x509v3-sign-dss" public key algorithms * certificate verification * certificate validation o CRL o OCSP (optional and
2018 May 25
2
Suggestion: Deprecate SSH certificates and move to X.509 certificates
Can you implement revocation support? On Fri, May 25, 2018 at 6:55 AM, Damien Miller <djm at mindrot.org> wrote: > No way, sorry. > > The OpenSSH certificate format was significantly motivated by X.509's > syntactic and semantic complexity, and the consequent attack surface in > the sensitive pre-authentication paths of our code. We're very happy to > be able to
2012 Aug 13
1
X.509 certificates and OpenSSH
I understand that recent versions of OpenSSH have support for X.509 certificates, in the sense that OpenSSH clients can extract the relevant information from such certificates and use it in order to carry out the usual public key-based authentication. Having a quick look into the SSH RFCs, it would seem that this is the only way in which OpenSSH supports X.509-based authentication. That is, it
2004 Aug 19
0
Announce: X.509 certificates support in OpenSSH-3.9p1
Hi All, Diffs of "X.509v3 certificates support for OpenSSH" versions g4(Compatibility) and h(Validator) for OpenSSH-3.9p1 are ready for download. Please visit "http://roumenpetrov.info/openssh" for more information. Features: * "x509v3-sign-rsa" and "x509v3-sign-dss" public key algorithms * certificate verification * certificate validation o CRL o
2008 Jul 31
5
[Bug 1498] New: OpenSC smartcard access should use raw public keys, not X.509 certificates
https://bugzilla.mindrot.org/show_bug.cgi?id=1498 Summary: OpenSC smartcard access should use raw public keys, not X.509 certificates Classification: Unclassified Product: Portable OpenSSH Version: 5.1p1 Platform: Other OS/Version: Linux Status: NEW Keywords: patch Severity: normal
2011 Sep 08
2
Announce: X.509 certificates support v7.0 for OpenSSH version 5.9p1
Hi All, Version 7.0 of "X.509 certificates support in OpenSSH" is ready for immediate download. This version allow client to use certificates and keys stored into external devices. The implementation is based on openssl dynamic engines. For instance E_NSS engine ( http://developer.berlios.de/projects/enss ) will allow you to use certificates and keys from Firefox, SeaMonkey,
2012 Sep 30
0
OpenSSH with X.509 certificates support v7.3
Dear All, Version 7.3 of X.509 certificates support for OpenSSH is published. Main updates: - enable AES cipher in CRT mode for FIPS build Build with FIPS enabled OpenSSL now use openssl implementation - initialization of OpenSSL engines Engine initialization is improved and now OpenSSL static engines are initialized only once. Double initialization lead to application crash in
2007 Oct 26
0
Announce: X.509 certificates support in OpenSSH (version 6.1-International)
Hi All, The version 6.1 of "X.509 certificates support in OpenSSH" is ready for download. On page http://www.roumenpetrov.info/openssh/download.html you can found diffs for OpenSSH versions 4.5p1,4.6p1 and 4.7p1. Details ( from http://www.roumenpetrov.info/openssh ): * distinguished name compare bug(security): The bug affect versions 6.0 and 6.0.1 only. The work around is to
2007 Oct 05
3
[Bug 1373] New: native support for X.509 v3 certificates
http://bugzilla.mindrot.org/show_bug.cgi?id=1373 Summary: native support for X.509 v3 certificates Product: Portable OpenSSH Version: 4.7p1 Platform: Other OS/Version: Other Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: mindrot at
2018 May 25
3
Suggestion: Deprecate SSH certificates and move to X.509 certificates
How can I revoke one SSH certificate without having to replace the root certificate and all certificates signed by it? Regarding the second statement, do you have sources? On Fri, May 25, 2018 at 6:58 AM, Peter Moody <mindrot at hda3.com> wrote: > On Thu, May 24, 2018 at 8:36 PM, Yegor Ievlev <koops1997 at gmail.com> wrote: > >> SSH certificates provide no >> way to
2005 Mar 10
0
X.509 certificates support for OpenSSH-4.0p1
I'm pleased to announce that X.509 certificates support for OpenSSH-4.0p1 is now available for download. Please visit http://roumenpetrov.info/openssh/ to get it. Best regards, Roumen Petrov
2005 Jun 13
0
Announce: X.509 certificates support in OpenSSH (version 5.2 from "Validator" series)
Hi All, The version 5.2 of "X.509 certificates support in OpenSSH" is ready for download. Available diffs are for OpenSSH versions 3.9p1, 4.0p1 and 4.1p1. What's new: * print CERT RR (resource record) * verify remote key using DNS and CERT RR * include not-pipeline patch * work with OpenSSL 0.9.8betaX Please visit "http://roumenpetrov.info/openssh/" for more information.
2006 Jan 22
0
Announce: X.509 certificates support in OpenSSH (version 5.3 from "Validator" series)
Hi All, The version 5.3 of "X.509 certificates support in OpenSSH" is published. This version adds preliminary support for "x509v3-sign-rsa-sha1" and "x509v3-sign-dss-sha1" key type names in conformance with "draft-ietf-secsh-x509-02.txt" and extends "x509v3-sign-dss key type with signatures in "ssh-dss" format. More details on page
2009 Feb 23
0
Announce: X.509 certificates support v6.2 for OpenSSH version 5.2p1
Hi All, Version 6.2 of "X.509 certificates support in OpenSSH" is ready for immediate download. Visit "http://roumenpetrov.info/openssh/" for details. Regards, Roumen Petrov