Forum

Support for SSH CA ...
 
Notifications
Clear all

Support for SSH CA certificate

0 Posts
2 Users
0 Reactions
231 Views
(@padgear)
New Member
Joined: 10 years ago
Posts: 1
Topic starter  

I would like to request support for SSH ca certificate. I would like the client to have option of trusted CAs and the client should trust host keys signed by the CA. Here are some links on how that feature works.

https://www.digitalocean.com/community/tutorials/how-to-create-an-ssh-ca-to-validate-hosts-and-clients-with-ubuntu

<broken link removed>

We use SSH CA in workplace and its much more secure to trust the CA rather than just accept unknown host key when logging into a new machine for the first time. Regards,

This post was modified 6 months ago by bpence

   
ReplyQuote
(@bpence)
Member Admin
Joined: 12 months ago
Posts: 1375
 

Interesting idea, I'll have to do some more reading....

Are you aware of any other SSH clients doing this already, other than OpenSSH?

Brian


   
ReplyQuote
(@bpence)
Member Admin
Joined: 12 months ago
Posts: 1375
 

Another solution for centralized certificates is GSSAPI, already supported by Absolute. This way, Absolute authenticates host keys against your ActiveDirectory server.

Brian


   
ReplyQuote
Share: