[ssh_x509] Allowing all non-revoked keys from a CA

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Thu Sep 5 05:06:13 EEST 2013


  It's been over a week and I just wanted to check in to see if anyone
knows how this can be accomplished.


On Sat, Aug 24, 2013 at 6:00 PM,  <ssh_x509 at roumenpetrov.info> wrote:
> Hello,
>   This has probably been asked before but I can't seem to find any
> reference of it in my searches.
>   Is there a way to define an authorized_keys that allows any non-revoked
> key issued by the CA to authenticate successfully?  In my application I
> will issue many more keys than I revoke and updating the authorized_keys
> file for every new cert+key generated somewhat defeats the purpose of the
> "chain of trust" for me.
>   I've tried every combination of hacks, docs, etc that I can find or think
> of to no avail.  Other than that I have everything working perfectly; what
> a great project!
> Thanks!
> --
> Kristian Kielhofner
> _______________________________________________
> ssh_x509 mailing list
> ssh_x509 at roumenpetrov.info
> http://roumenpetrov.info/mailman/listinfo/ssh_x509_roumenpetrov.info

Kristian Kielhofner

More information about the ssh_x509 mailing list