ssh-agent and certificates

Peter Moody mindrot at hda3.com
Thu Aug 29 08:36:39 AEST 2019


On Wed, Aug 28, 2019 at 1:22 PM Jakob Schürz <wertstoffe at schuerz.at> wrote:

> Is this already posible? And how do I have to do this? What's the right
> configuration? Can I user ProxyCommand with certificates?

Hi,

yes, certificates work with proxycommand. from the perspective of the
client and ssh-agent, certificates are (mostly) just like regular
ssh-keys.

you may be getting hung up on the server side configuration. Check
sshd_config(5) manpage for TrustedUserCAKeys and the ssh-keygen(1)
manpage for CERTIFICATES.

this 8 year old blog post is a good basic resource for information on
ssh certificates as well:
https://blog.habets.se/2011/07/OpenSSH-certificates.html

>
>
> thank you
>
> Jakob
>
> --
> lore ipsum
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


More information about the openssh-unix-dev mailing list