[ssh_x509] pkixssh-8.0b0 and ECDSA public key algorithm for SSH (RFC 6187)

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Sun Feb 16 12:45:57 EET 2014

ssh_x509 at roumenpetrov.info wrote:
> Hi Roumen,
> Finally I have tested  SSH with ECC certs. I was missing client site config
> /usr/local/etc/ssh_config, i was doing configuration in sshd_config only.
> [SNIP]
> Many Many Thanks Roumen for all your support
> Also how can i enable to smart card support using pkcs11 and opensc
>                   Smartcard support:

Support for  ssh-agent and smart-card is planed for next versions.
First is to ensure that all supported ECC certificates could be used as 
host key in all cases.

> Also i have network LDAP server for SSH auth, i want to use it with NSCD
> and with SSHD config option AllowGroups, what do you suggest ?
> Shell i need to enable following option for NSCD
>                    LDAP queries: no
I'm not familiar with nscd setup for user database.
Since in some cases users and groups are not stored in local files 
configuration must ensure availability of them from remote source either 
directory service or database or nis.

> Regards,
> Mudassir Aftab


Get X.509 certificates support in OpenSSH:

More information about the ssh_x509 mailing list