pkcs and host keys
Damien Miller
djm at mindrot.org
Sat Sep 3 11:06:03 EST 2011
On Thu, 1 Sep 2011, Benjamin Myers wrote:
> Hi Damien,
>
> I see in your asia bsdcon presentation you mentioned the possibility
> of storing host keys in PKCS #11. I'm interested in using a usb rsa
> fob for host keys and am interested in this feature. What's the
> current status? As you said: root compromise != persistent hostkey
> theft.
No, I haven't started working on it yet for lack of smartcard hardware.
I (or someone else) will probably get around to it sooner or later, but
it will go quicker if I can get a supported USB smartcard on OpenBSD.
-d
More information about the openssh-unix-dev
mailing list