Openssh to support X509 certificates
Ian jonhson
jonhson.ian at gmail.com
Sun Mar 16 02:52:45 EST 2008
No, what I mean is not that I seek some commercial support service.
I just hope that X509 certificate support will be a part of openssh mainstream,
because it becomes necessary in many applications. At least,
it should become a option in openssh mainstream, so that some applications
can choose to open this part of functionality.
And, more importantly, I hope that my PAM module for X509-based certificate
verification can serve as a module of openssh in the future.My PAM module
can do authentication via user certificates and do mapping to local accounts.
Based on the module, a user can login remote server via his certificate and
traverse around the whole network built on openssh by single-sign-on(SSO).
(Now, I have successfully implemented most of functionalities except
delegation,
which is needed to support SSO).
I am willing to make some contribution to mainstream version of openssh and
willing to open my all codes (including PAM module and modified openssh4.5).
Hope openssh more powerful.
Any comment?
Regards,
Ian
On Sat, Mar 15, 2008 at 2:16 AM, Peter Stuge
<stuge-openssh-unix-dev at cdy.org> wrote:
> On Fri, Mar 14, 2008 at 05:36:58PM +0800, Ian jonhson wrote:
> > No one is welling to answer me?
>
> I don't think that is the case.
>
> Keep in mind that any help on this list is strictly voluntary and
> free of charge.
>
> Maybe you could find someone who offers a commercial support service
> for the certificate extension if that is what you're after?
>
>
> //Peter
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
More information about the openssh-unix-dev
mailing list