Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- X.509 and ssh
- Richard E. Silverman
February 11, 2006, 11:30 pm
Re: X.509 and ssh
JKV> What is the current status of X.509 support in SSH? I know there
JKV> is support for X.509 under the form of a patch
JKV> (http://roumenpetrov.info/openssh ). But as far as I know it's not
JKV> supported by clients such as PuTTY.
>> It is best supported in commercial products, such as Tectia
>> (ssh.com) and VShell (vandyke.com).
PG> It should be mentioned that since the required formats were never
PG> properly specified in any standards, what's implemented is
PG> vendor-specific and nonstandard. The only way that something like
PG> Putty could support whatever it is that the ssh.com and VanDyke
PG> implementations do is by reverse-engineering the applications.
That's not quite true. Although X.509 is not part of the final SSH-TRANS
RFC, X.509 key types were defined in earlier drafts (as you note later in
this thread). Both Tectia and VShell use those key types (x509v3-sign-rsa
and x509v3-sign-dsa) as specified in that draft, so I don't believe there
is any need to reverse engineer anything. If you think there is, please
It is true that, since these types are no longer part of the spec, they
should technically be qualified in use now (e.g. email@example.com).
Re: X.509 and ssh
The formats were so poorly specified that it wasn't possible to create an
interoperable implementation from them. In fact, no-one seemed to be able to
agree on what the formats should really be, probably due at least to some
extent to the fact that everyone was interpreting the spec differently. The
rather bizarre comment from a previous poster in this thread that I'm "against
X.509" probably comes from the fact that I pointed out that the spec as it
existed at the time was unimplementable, meaning that the text would either
have to be clarified or removed. Since no-one was interested in clarifying
it, it was removed. What's left is an expired draft (see
Presumably what's in this expired draft is what Tectia and VShell do (since
one of the authors is from VanDyke and the other from F-Secure), however at
the time the format was still specified in SSH-TRANS the text was so unclear
that the only way to implement it was either (1) get really lucky in guessing
what the text was supposed to mean or (2) reverse-engineer Tectia or VShell's
handshake to see what they did.
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum