sshd_config options for x.509 support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi all,

I'm trying to get x509 support for ssh.
I have a pkcs patched ssh package.

OpenSSH_5.3p1, OpenSSL 0.9.8l-fips 5 Nov 2009 .

I'm going through http://www.roumenpetrov.info/openssh/x509-6.2.2/README.x509v3

But when I add following options to my sshd_config:


# X.509 support
AllowedCertPurpose sslclient
CACertificateFile /etc/ssh/ca/ca-bundle.crt
CACertificatePath /etc/ssh/ca/crt
CARevocationFile /etc/ssh/ca/ca-bundle.crl
CARevocationPath /etc/ssh/ca/crl
X509KeyAlgorithm x509v3-sign-rsa,rsa-sha1
KeyAllowSelfIssued no



I'm getting:


Starting sshd:/etc/ssh/sshd_config: line 122: Bad configuration
option: AllowedCertPurpose
/etc/ssh/sshd_config: line 123: Bad configuration option: CACertificateFile
/etc/ssh/sshd_config: line 124: Bad configuration option: CACertificatePath
/etc/ssh/sshd_config: line 125: Bad configuration option: CARevocationFile
/etc/ssh/sshd_config: line 126: Bad configuration option: CARevocationPath
/etc/ssh/sshd_config: line 127: Bad configuration option: X509KeyAlgorithm
/etc/ssh/sshd_config: line 128: Bad configuration option: KeyAllowSelfIssued
/etc/ssh/sshd_config: terminating, 7 bad configuration options
                                                           [FAILED]



Can somebody help me with this.

Thanks
Shravan


[Index of Archives]     [Open SSH Unix Development]     [Fedora Users]     [Fedora Desktop]     [Yosemite Backpacking]     [KDE Users]     [Gnome Users]

  Powered by Linux