On 25/01/2022 08:54, Fabian Stelzer wrote:
> ssh-keygen -Y find-principals will fail to return any matches if a certificate signature is used and the allowed principals file contains a wildcard principal (e.g.: *@example.com).
Do you mean the "allowed signers" file, rather than the "allowed principals" file?
I'm not aware of any wildcard matching in AuthorizedPrincipalsFile, so that confused me a bit: in other words, I thought "*@example.com" would only match literally the principal "*@example.com". If that's not true, I'd like to know more.