Extracting client certificate information
John Keeping
john at keeping.me.uk
Mon Aug 19 03:07:08 EST 2013
When using client certificate authentication, is there any way to
extract the key ID from the certificate in a force command on the
server?
I would like to be able to configure Gitolite [1] with a certificate
authority key and then use the key ID as the Gitolite user ID when a
client connects. Currently I can achieve the same effect by embedding
the username in a "force-command" certificate extension, but it seems
like it would be simpler if I could just configure the command once on
the server and use the key ID in it.
Am I missing some way of doing this, or is that a feature that you would
consider supporting?
[1] http://gitolite.com/gitolite/
More information about the openssh-unix-dev
mailing list