Understanding SSH Certificate signatures
Brian Candler
b.candler at pobox.com
Tue Feb 9 19:22:27 AEDT 2021
On 09/02/2021 06:20, Digant Kasundra wrote:
> I haven't found a good Rust library to verify that a presented OpenSSH
> public certificate is valid. My plan is to compare the signature_key to my
> trusted CA certs and verify the signature in the user's public certificate.
I can't help you with a Rust library, but maybe it's worth going through
what Go's x/crypto/ssh package does?
https://github.com/golang/crypto/blob/eec23a3978ad/ssh/certs.go#L410
More information about the openssh-unix-dev
mailing list