Announce: X.509 certificates support in OpenSSH (version 5.2 from "Validator" series)

Roumen Petrov openssh at roumenpetrov.info
Mon Jun 13 16:22:21 EST 2005


Hi All,

The version 5.2 of "X.509 certificates support in OpenSSH" is ready for download.
Available diffs are for OpenSSH versions 3.9p1, 4.0p1 and 4.1p1.

What's new:
* print CERT RR (resource record)
* verify remote key using DNS and CERT RR
* include not-pipeline patch
* work with OpenSSL 0.9.8betaX

Please visit "http://roumenpetrov.info/openssh/" for more information.


Regards,
Roumen Petrov


P.S.: Note on system with "/dev/{u||s}random" OpenSSH will report "checking whether OpenSSL's PRNG is internally seeded... no" for OpenSSL versions 0.9.8-beta{3|4|5}.
Work around is to remove quotes around DEVRANDOM in OpenSSL file "crypto/rand/rand_unix.c" or to install ssh-rand-helper.




More information about the openssh-unix-dev mailing list