[ssh_x509] Certificate Procedures and Test Program

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Fri Apr 26 13:40:02 EEST 2019


Hello All,
   Big Thanks for bringing up the openSSL and X509 Certificate support to
SSH.
now that I have installed PKIXSSH in my raspberry PI machine. I fetched the
code from the gitlab master branch. I removed the default OpenSHH version
and installed the PKIXSSH. I could do basic thing like logging in to SHH
using password Authentication.
  I want to experiment the Certificate based SSH Authentication. Following
the Facebook's tutorial "
https://code.fb.com/security/scalable-and-secure-access-with-ssh/" I could
understand the process well. but the lack of examples/howto in PKIXSSH repo
I am struck in implementing the certificate based authentication.
  Also I am using the openSSL with engine support which works well with our
hardware based crypto module. Anybody please help me how to use the PKIXSSH
program for Certificate based Authentication, Probably with test commands
or programs are greatly appreciated.

I configured the code with the option "*--with-ssl-engine*" How to test
whether my gen key request to my hardware module. and how to sign the csr?
please help.

Thanks in Advance.

Regards,
Srini.


More information about the ssh_x509 mailing list