Signed SSH key issue with OpenSSH6.4p1

Jan Schermer jan at schermer.cz
Wed Apr 11 19:40:21 AEST 2018


Slightly OT question - is there a way to make ssh-agent work with keys in a PKCS#11 module and a certificate? I can make the ssh client work (add the key to agent and the default cert gets used by default), but the cert can’t be added to ssh-agent …

Jan

> On 11 Apr 2018, at 09:40, Jakub Jelen <jjelen at redhat.com> wrote:
> 
> On Tue, 2018-04-10 at 12:35 -0500, Naren K wrote:
>> 
>> What Should I do?
>> 
>>   - Can anyone suggest me how to get around this issue. I want to
>> use my
>>   own naming convention and my custom location to the keys?
> 
> Update to newer version that supports CertificateFile option. Version
> 6.4 was released almost 5 years ago and even in latest CentOS we
> provide more up-to-date version than this one. It is very irresponsible
> to use such old version without any security updates.
> 
> Or use the "default" naming conventions if you do not care about
> security. There was no way around that so this was the reason why this
> option was introduced.
> 
> Regards,
> -- 
> Jakub Jelen
> Software Engineer
> Security Technologies
> Red Hat, Inc.
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



More information about the openssh-unix-dev mailing list