Patch for OpenSSH for Windows to allow authentication through certificates

Adriana Rodean adrya1984 at gmail.com
Tue Mar 17 16:54:33 EST 2009


Hi Roumen,

I changed config files as you said and now it works, thanks for help!
But I am in doubt if the way it works now is the right one. I had to
copy clients public key to authorized_keys file on server machine, and
servers public key to known_hosts file on client machine.
It seems pretty much as usual PKI authentication now, except that
client and server send certificates to each other.

Is that possible by any way to avoid public key storage and just use
certificates validation? Like if certificate is OK – no need to have
public key from this certificate in authorized_key or known_hosts.

Thank you,
Adriana.


More information about the openssh-unix-dev mailing list