Support for SSH CA certificate

AbsoluteTelnet General

Last Post by Vivek Malik 10 years ago

0 Posts

2 Users

0 Reactions

136 Views

RSS

Vivek Malik

(@padgear)

New Member

Joined: 10 years ago

Posts: 1

Topic starter 28/12/2014 10:42 am

I would like to request support for SSH ca certificate. I would like the client to have option of trusted CAs and the client should trust host keys signed by the CA. Here are some links on how that feature works.

https://www.digitalocean.com/community/tutorials/how-to-create-an-ssh-ca-to-validate-hosts-and-clients-with-ubuntu

We use SSH CA in workplace and its much more secure to trust the CA rather than just accept unknown host key when logging into a new machine for the first time. Regards,

This post was modified 4 months ago by bpence

ReplyQuote

bpence

(@bpence)

Member Admin

Joined: 9 months ago

Posts: 1374

03/02/2015 9:49 pm

Interesting idea, I'll have to do some more reading....

Are you aware of any other SSH clients doing this already, other than OpenSSH?

Brian

ReplyQuote

bpence

(@bpence)

Member Admin

Joined: 9 months ago

Posts: 1374

03/02/2015 10:29 pm

Another solution for centralized certificates is GSSAPI, already supported by Absolute. This way, Absolute authenticates host keys against your ActiveDirectory server.

Brian

ReplyQuote

6 Forums
639 Topics
3,081 Posts
1 Online
28.9 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed