Bug 1776 - Hostbased authentication with certificates
Summary: Hostbased authentication with certificates
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh (show other bugs)
Version: -current
Hardware: All All
: P2 enhancement
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks: V_5_6
  Show dependency treegraph
 
Reported: 2010-06-05 03:41 AEST by Iain Morgan
Modified: 2010-08-27 10:28 AEST (History)
1 user (show)

See Also:

Attachments
Add certificate support for hostbased authentication (6.74 KB, patch)
2010-06-05 03:41 AEST, Iain Morgan 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Iain Morgan 2010-06-05 03:41:57 AEST 
Created attachment 1855 [details]
Add certificate support for hostbased authentication

It would be extremely useful to be able to use certificates with
hostbased authentication in environments such as compute clusters.

The attached patch adds this support. If the client has a host certificate,
it will be used for hostbased authentication. The server will use any
applicable @cert-authority entry in the ssh_known_hosts file to 
validate the cert.
Comment 1 Damien Miller 2010-08-05 13:08:12 AEST 
Patch applied (with a small tweak). This will be in the soon-to-be-released OpenSSH 5.6.
Comment 2 Darren Tucker 2010-08-27 10:28:19 AEST 
With the release of OpenSSH 5.6p1 this bug is now considered closed.  If you have further problems please reopen or file a new bug as appropriate.