X.509 certificates in SSH

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
    The authentication methods contemplated in the SSH protocol suite
consists of password, host-based, keyboard and public key. X.509
certificates are not supported as such. How does OpenSSH manage to do
X.509 certificate-based authentication?

Re: X.509 certificates in SSH

On Monday, August 13, 2012 at 9:47:35 PM UTC+2, Clark Smith wrote:
Quoted text here. Click to load it

If you are still searching for a solution have a look at https://github.com
/flix-/pam_openssh_x509. Its a collection of PAM modules for OpenSSH. What  
they do is obtaining a x509 certificate from an LDAP server on every login,
 validate it (trusted? not expired?) and synchronize the public key to the  
appropriate authorized_keys file on the server. Besides access permissions  
for OpenSSH can be granted through LDAP groups.

Site Timeline