[ssh_x509] Allowing all non-revoked keys from a CA

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Thu Sep 5 05:06:13 EEST 2013


Hello,

  It's been over a week and I just wanted to check in to see if anyone
knows how this can be accomplished.

Thanks!

On Sat, Aug 24, 2013 at 6:00 PM,  <ssh_x509 at roumenpetrov.info> wrote:
> Hello,
>
>   This has probably been asked before but I can't seem to find any
> reference of it in my searches.
>
>   Is there a way to define an authorized_keys that allows any non-revoked
> key issued by the CA to authenticate successfully?  In my application I
> will issue many more keys than I revoke and updating the authorized_keys
> file for every new cert+key generated somewhat defeats the purpose of the
> "chain of trust" for me.
>
>   I've tried every combination of hacks, docs, etc that I can find or think
> of to no avail.  Other than that I have everything working perfectly; what
> a great project!
>
> Thanks!
>
> --
> Kristian Kielhofner
> _______________________________________________
> ssh_x509 mailing list
> ssh_x509 at roumenpetrov.info
> http://roumenpetrov.info/mailman/listinfo/ssh_x509_roumenpetrov.info



-- 
Kristian Kielhofner




More information about the ssh_x509 mailing list