Announce: X.509 certificates support in OpenSSH(version h-Validator)

From: Roumen Petrov (openssh_at_roumenpetrov.info)
Date: 04/07/04

  • Next message: Joerg Over Dexia: "Re: running an (open)ssh session ONLY to forward ports."
    Date: Wed, 07 Apr 2004 20:27:04 +0300
    To: openssh-unix-dev@mindrot.org
    
    

    I'm pleased to announce that the version "h"(code-name Validator) of
    "X.509 certificates support in OpenSSH" is now available for immediate
    download at http://roumenpetrov.info/openssh.

    Features:
    * "x509v3-sign-rsa" and "x509v3-sign-dss" public key algorithms
    * certificate verification
    * certificate validation
      o CRL
      o OCSP (optional and experimental feature)
    * "x509v3-sign-rsa" MD5 and SHA-1 signatures
    * OpenSSH agent with certificates
    * strong regresion tests
    * detailed manual pages
    * README.x509v3

    Best regards,
    Roumen Petrov


  • Next message: Joerg Over Dexia: "Re: running an (open)ssh session ONLY to forward ports."

    Relevant Pages

    • Re: MOM Management Pack for Certificate Services
      ... > preliminary list of features that would be 'neat'. ... > CAs, since only one CA would be rather easy to manage independently. ... > - Provide full CA database status information for all CAs ... > - Notification on pending certificates needed to be approved ...
      (microsoft.public.windows.server.security)
    • Re: X.509 certificates in SSH
      ... X.509 certificates, or signed keys in general, did not make it into the ... support in both server and client authentication (transport key exchange ... When the OpenSSH people got around to implementing certificates years ...
      (comp.security.ssh)
    • Re: extendible certificate
      ... iguchiyu> Well i want to use openSSH from the CA perspective. ... iguchiyu> to issue certificates to my client machines and further my ... iguchiyu> applications will take use these certificates. ... iguchiyu> What kind of certificates are generated by the openSSH? ...
      (comp.security.ssh)
    • Re: OpenSSH and OpenSSL
      ... >> a openssl signed public key but no mention of openssh support. ... It will be a purely private CA, you'll be able to deliver certificates to ... There is no greater joy than soaring high on the wings of your dreams, ...
      (SSH)
    • Re: extendible certificate
      ... I want to issue certificates to my client machines and further my ... applications will take use these certificates. ... What kind of certificates are generated by the openSSH? ...
      (comp.security.ssh)