x509 cert chain
djm at mindrot.org
Sun Oct 31 08:06:41 EST 2010
On Sat, 30 Oct 2010, Peter Stuge wrote:
> Paul Bradley wrote:
> > I believe the latest OpenSSH builds support x509 certificates
> Not at all. OpenSSH uses it's own certificate format.
> > I've found Roumen Petrovs patches and read some of his stuff but I
> > find it a bit difficult to follow and in any case I'm not sure how
> > relevant his implementation is to the mainline openssh 5.4/5.5
> > x509.
> There is no x509 in OpenSSH mainline. You need the patches if that is
> what you want.
Yes, Roumen Petrov has maintained some for quite a few years:
More information about the openssh-unix-dev