make x.509 certificate authentication work with ssh

From: qing.lu@kodak.com
Date: 02/21/03

  • Next message: John Mendenhall: "Re: OpenSSH_3.5p1 server, PC clients cannot connect"
    To: secureshell@securityfocus.com
    From: qing.lu@kodak.com
    Date: Thu, 20 Feb 2003 15:17:38 -0800
    
    

    Hello all,

    I have ssh server on UNIX ---openssh 3.5p1 and ssh client on window or
    unix with Secure CRT (commertial version) or F-Secure (commertial version)
    client or openssh client. I can make public key authentication with user
    key work but not public key authentication with x.509 certificate. I have
    already got my CA, server and client certificate. I like to know what do I
    need to do on both server and client side in order to make it work. What
    options I need to set in configuration file? I found the help pages in
    openssh and SecureCRT, F-Secure are really laking of information in this
    regard.

    I apprecite any help from the group.

    Thanks,
    Qing



    Relevant Pages

    • Re: What doesnt lend itself to OO?
      ... >> proxy and instructs the server to constuct the real object. ... rather than client code. ... If 'clock' is instantiated in the server, ... > for the server interface at the OOA level. ...
      (comp.object)
    • Re: More Get-IPlayer Questions
      ... to use with mutt mail client. ... antinat - 0.90-4 - Antinat is a flexible SOCKS server and client ... protocol for Sybase or MS SQL Server. ... ifstat - 1.1-1 - InterFace STATistics Monitoring ...
      (uk.comp.os.linux)
    • This is going straight to the pool room
      ... or not the client has privilege to do what they're trying to do, ... The server environment is this: ... 3GL User action Routines that Tier3 will execute on your behalf during the ... Routine Name: USER_INIT ...
      (comp.os.vms)
    • [Full-Disclosure] R: Full-Disclosure Digest, Vol 3, Issue 42
      ... Full-Disclosure Digest, Vol 3, Issue 42 ... SD Server 4.0.70 Directory Traversal Bug ... Arkeia Network Backup Client Remote Access ...
      (Full-Disclosure)
    • Re: What doesnt lend itself to OO?
      ... > rather than client code. ... no way to do that without also touching the object with clock semantics ... will not encapsulate both clock semantics and network semantics. ... The server can do whatever it wants ...
      (comp.object)