Feature Request: Allow certificate types in ssh-keyscan -t

Aaron Jones me at aaronmdjones.net
Fri Mar 19 09:12:30 AEDT 2021


Hello.

I would like for the ssh-keyscan(1) -t argument (key type) to support
the certificate types too (such as ssh-ed25519-cert-v01 at openssh.com), as
from `ssh -Q key`.

This would allow to dump remote host certificates, useful for various
situations like certificate expiration monitoring.

Regards,
Aaron Jones

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20210318/175d3cb3/attachment.asc>


More information about the openssh-unix-dev mailing list