|
#1
04-01-2016, 12:26 AM
|
|||
|
|||
|
Login with signed public keys
Using OpenSSH one can sign users public keys with a CA cert and then allow logons to all keys that are signed with that particular CA cert. No need to add public keys to authorized_keys.
It works perfectly when using openssh, but I haven't figured out how to do it using SecureCRT With OpenSSH you do it like this: * Create CA cert * Add TrustedUserCAKeys-parameter to /etc/ssh/sshd_conf * Sign users public key with CA-cert * On client, copy signed key to .ssh (i.e id_rsa, id_rsa.pub, id_rsa-cert.pub) Now, when logging on to the destination-server, the users public key does not have to be in authorized_keys 
|
|
#2
04-01-2016, 07:38 AM
|
|||
|
|||
|
Hi Scuttle,
How do you create the cert? Is it using ssh-keygen -s? If so, SecureCRT does not support OpenSSH Trusted Certificates at this time. I have added this thread to a feature request in our product enhancement database to support OpenSSH Trusted Certificates. Should a future release of SecureCRT include this feature, notification will be posted here. If you prefer direct email notification, send an email to support@vandyke.com and include "Feature Request - Forum Thread #12306" in the subject line or use this form from the support page of our website.
__________________
Thanks, --Brenda VanDyke Software Technical Support support@vandyke.com (505) 332-5730
|
|
#3
02-22-2017, 04:39 PM
|
||||
|
||||
|
Support for OpenSSH Trusted Certificates has been added to a pre-beta version of SecureCRT. If you would like to try it, please send email to me at Maureen.Jett@vandyke.com.
Maureen
|
 |
| Tags |
| login , openssh |
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
