OpenSSH + X.509 support


 
# 1  
Old 02-16-2007

Hi everyone, we want to implement an SSH infrastructure that allows certain people (not directly related to the company) to access a piece of information of their concern. A simple solution is to provide them with an encrypted private key so they can have "authorized_keys" access to their home in a jailed session. That's OK, it works fine, but we are analyzing the use of X.509 certs instead of distributing key pairs and, as far as I know, that is not natively supported by OpenSSH. I've only found Roumen Petrov's patch to provide X.509 support (http://roumenpetrov.info/openssh/).
Has anyone used it? How secure can it be?
After all, this is a problem for us because of the need to recompile OpenSSH while we have RedHat support through rpm updates.
Is there an alternative to that patch?

We refuse the idea of using ftp or http directory authenticated access and we don't have the possibility of making access through web services, at least not for a couple of months or maybe the whole 2007.

The solution MUST be free/opensource.

Thanks in advance.

PS: by the way... has anybody tried jailkit?