[ssh_x509] RFC 6187 user identity

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Mon Sep 6 18:56:26 EEST 2021


Could any one please share steps to generate user key pair and user
identity file in PEM format, for public key algorithm type -
x509v3-ssh-rsa or x509v3-rsa2048-sha256 ?

Shall i use the x509v3-sign-rsa user identify file- but change
pubkeyAlgorithms to have x509v3-ssh-rsa. The pkixssh ssh client/server
will treat it as which key algorithm ?

Is the presence of the chain of certificates, mandatory in the id
file, to consider the key in RFC6187 format ?

What if the  chain not present - have only the end user's leaf key and
cert - but the key should be of type x509v3-ssh-rsa ?

Thanks in advance.


More information about the ssh_x509 mailing list