[
https://issues.apache.org/jira/browse/SSHD-1161?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17347089#comment-17347089
]
Thomas Wolf commented on SSHD-1161:
-----------------------------------
Added a couple of follow-up issues that are needed to make this
feature-complete for the client side. Server-side would need more, like
TrustedUserCAKeys and AuthorizedPrincipalsFile sshd config handling, and
handling the "cert-authority" option and possibly other options in the
{{authorized_keys}} file.
> Support OpenSSH client certificates for publickey authentication
> ----------------------------------------------------------------
>
> Key: SSHD-1161
> URL: https://issues.apache.org/jira/browse/SSHD-1161
> Project: MINA SSHD
> Issue Type: New Feature
> Reporter: Alex Sherwin
> Priority: Major
> Original Estimate: 24h
> Time Spent: 5h 20m
> Remaining Estimate: 18h 40m
>
> Support OpenSSH client certificates for publickey authentication
> This extends the existing publickey authentication protocol described in RFC
> 4252 Section 7: https://datatracker.ietf.org/doc/html/rfc4252#section-7
> The extensions are described in
> [https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.certkeys?annotate=HEAD]
> Currently the MINA code base supports host key certificates (where the client
> can optionally validate a host certificate), but client certificates are not
> supported (where the client can use a certificate for authentication to the
> server)
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
