Re: Signed SSH key issue with OpenSSH6.4p1

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Slightly OT question - is there a way to make ssh-agent work with keys in a PKCS#11 module and a certificate? I can make the ssh client work (add the key to agent and the default cert gets used by default), but the cert can’t be added to ssh-agent …

Jan

> On 11 Apr 2018, at 09:40, Jakub Jelen <jjelen@xxxxxxxxxx> wrote:
> 
> On Tue, 2018-04-10 at 12:35 -0500, Naren K wrote:
>> 
>> What Should I do?
>> 
>>   - Can anyone suggest me how to get around this issue. I want to
>> use my
>>   own naming convention and my custom location to the keys?
> 
> Update to newer version that supports CertificateFile option. Version
> 6.4 was released almost 5 years ago and even in latest CentOS we
> provide more up-to-date version than this one. It is very irresponsible
> to use such old version without any security updates.
> 
> Or use the "default" naming conventions if you do not care about
> security. There was no way around that so this was the reason why this
> option was introduced.
> 
> Regards,
> -- 
> Jakub Jelen
> Software Engineer
> Security Technologies
> Red Hat, Inc.
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev@xxxxxxxxxxx
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux