Discussion:
Chain of trust
Manoj Ampalam
2018-11-15 18:51:32 UTC
Permalink
Hi,

Does OpenSSH support ssh certificate chain with trust anchored at the root cert? From what I have read and experimented, it does not look so. But looking for a confirmative answer from the experts.

Thanks
Manoj.
Michael Ströder
2018-11-15 22:47:18 UTC
Permalink
Post by Manoj Ampalam
Does OpenSSH support ssh certificate chain with trust anchored at the
root cert? From what I have read and experimented, it does not look
so. But looking for a confirmative answer from the experts.
If you're asking about OpenSSH certs then look into:

https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.certkeys

It says:

"Chained" certificates, where the signature key type is a certificate
type itself are NOT supported.

Ciao, Michael.
Roumen Petrov
2018-11-19 17:24:31 UTC
Permalink
Hello Manoj,
Post by Manoj Ampalam
Hi,
Does OpenSSH support ssh certificate chain with trust anchored at the root cert? From what I have read and experimented, it does not look so. But looking for a confirmative answer from the experts.
Perhaps you would like to use this implementation
http://roumenpetrov.info/secsh/ - with support of industrial standards.

Let me know if you need addition information in respective forum.
Post by Manoj Ampalam
Thanks
Manoj.
Regards,
Roumen Petrov

Continue reading on narkive:
Loading...