SSL devel. model

Damien Miller djm at mindrot.org
Fri Feb 25 11:54:14 EST 2000


On Thu, 24 Feb 2000, Sean Aaron Lisse wrote:

 
> My partner is planning on altering OpenSSH such that it can do SSL-type
> third-party authentication, instead of relying on the first-contact setup
> that is currently in place.

Hate to disappoint, but this is being worked on too:

ftp://ftp-uk.hpl.hp.com/pub/nd/ 

Has patches to OpenSSH to allow it to use X.509 certificates for
authentication. These certificates can be stored in DBM files or live
on an LDAP server.

Neil Dunbar <nd at hplb.hpl.hp.com> is doing this work.


I'll try to answer your other questions tomorrow.

-d
 

--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work)








More information about the openssh-unix-dev mailing list