Re: AuthenticationMethods for ssh certificate

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



But I want to have a rule that one of those 2 pubkeys *must* be a
certificate, so the user uses 1 certificate and 1 normal pubkey
instead of 2 normal pubkeys.

Ah, I see. I'm not sure about that, perhaps it cannot be done.

What's the reason for doing this? You don't increase security by imposing more layers of the same factor. Security is increased by imposing multiple factors, such as requiring a key and restricting logins to only whitelisted IP addresses. A key and a cert are both basically the same type of factor (something-you-have).
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux