OpenSSH secure shell
X.509 v3 certificates
(archive f and e-series)
Check the current version!
- 30 Jan 2003 : Version x509f is ready.
- What's new:
- client order of preference of host key algorithms (ssh option HostKeyAlgorithms) is changed form "ssh-rsa,ssh-dss,x509v3-sign-rsa,x509v3-sign-dss" to "x509v3-sign-rsa,x509v3-sign-dss,ssh-rsa,ssh-dss"
- support "Certificate Revocation Lists" (CRLs)
- ssh-keyscan can show hostkey with certificates
- information about X.509 certificates support added to all necessary manual pages
- Distinguished name/Subject in [RFC2253] format and item order is not important
- script to create CRL used in tests
- test scripts for ssh-agent and CRLs
- See README.x509v3 for this version.
With HostKeyAlgorithms client send accepted host keys in order of preference. Now (in version "f") client prefer server certificates.
This version use options CARevocationFile/CARevocationPath (marked as reserved in previous version) to load CRL and verify revoked certificates.
- about userauth request:
Public key authentication for SecSH protocol version 2 is two phase process.
In first phase client send one or more SSH_MSG_USERAUTH_REQUEST without to sign request.
This is used to find allowed public keys.
The server MUST respond to this message with either SSH_MSG_USERAUTH_FAILURE or SSH_MSG_USERAUTH_PK_OK.
Usualy for public key authentication when infomation aboud identity is found in user AuthorizedKeysFile that key is allowed.
In second phase client send signed SSH_MSG_USERAUTH_REQUEST with allowed key.
In previos version "e" when a X.509 certificate is used as identity is second phase server check certificate signature and reject key when signature is invalid.
This is incorect. Server must reject in first phase invalid certificates.
Now in version "f" in first phase in case of X.509 certificate as user identity server
check certificate signature and CRLs in addition before to respond with SSH_MSG_USERAUTH_PK_OK.
- Distinguished name/Subject in [RFC2253] format
First in this version is implemented own method to compare two X.509 names.
See section 1.2 in README.x509v3.
Side effect is that this own method avoid possible problems with OpenSSL method X509_NAME_cmp.
See topic X509_NAME_cmp later in document.
- Select your download from download page.
- 28 Nov 2002 : available hotfix x509e1.
- What's new:
- fix problem with more than one openssl executable on system.
- Get x509e-x509e1 patch, go to openssh source dir and apply.
zcat .../openssh-3.xp1+x509e-x509e1.diff.gz | patch -p1
- Howto to test ?
- If you have more than one OpenSSL installed and OpenSSH is build with --with-ssl-dir="MY_OPENSSL_DIR" use command like this:
OPENSSL=MY_OPENSSL_DIR/bin/openssl make check
- 21 Nov 2002 : Version x509e is out.
- What's new:
- x509v3 certificate as hostkey:
- server (sshd) can use;
- client (ssh) can accept.
- client verifies hostkey certificate chain;
- sshd_config and ssh_config manual pages with options for x509v3 certificates;
- new make target 'check' - to test certificates;
- improved certificate test scripts:
- "3-cre_client_cert.sh" renamed to "3-cre_certs.sh" and can create server certificates;
- avoid use of mkfifo command (missing on cygwin ?);
- "echo -n ..." repaced with more portable "printf ...".
- allowed certificate purpose defaults:
- sslserver - for server hostkey (new);
- sslclient - for client authentication (changed).
- Version x509e README.x509v3 with tips for x509 certificate usage.
- Select your OpenSSH version: