ssh certificate support

2021-09-13 Thread Benjamin C Forsyth via libssh2-devel
I was curious about using ssh certificates with libssh2. I dug around a little and it seemed that support for some of the lower level crypto methods are not available. I wasn't sure if I was doing something incorrect.   Has anyone done authentication with ssh based certificates using libssh2?   Tha

Re: ssh certificate support

2021-09-13 Thread Peter Stuge via libssh2-devel
Hi Ben, Benjamin C Forsyth via libssh2-devel wrote: > I was curious about using ssh certificates with libssh2. I dug around a > little and it seemed that support for some of the lower level crypto > methods are not available. I wasn't sure if I was doing something > incorrect. What methods do you

Re: ssh certificate support

2021-09-13 Thread Felipe Gasper via libssh2-devel
> On Sep 13, 2021, at 12:00 PM, Benjamin C Forsyth via libssh2-devel > wrote: > > I was curious about using ssh certificates with libssh2. I dug around a > little and it seemed that support for some of the lower level crypto methods > are not available. I wasn't sure if I was doing something

Re: ssh certificate support

2021-09-13 Thread Peter Stuge via libssh2-devel
Felipe Gasper via libssh2-devel wrote: > > Has anyone done authentication with ssh based certificates using libssh2? > > Are you talking about SSL/TLS certificates? I believe no, see man ssh-keygen under CERTIFICATES //Peter -- libssh2-devel mailing list libssh2-devel@lists.haxx.se https://lis

Re: ssh certificate support

2021-09-13 Thread Peter Stuge via libssh2-devel
Peter Stuge via libssh2-devel wrote: > > I was curious about using ssh certificates with libssh2. I dug around a > > little and it seemed that support for some of the lower level crypto > > methods are not available. I wasn't sure if I was doing something > > incorrect. > > What methods do you fin

RE: ssh certificate support

2021-09-13 Thread Benjamin C Forsyth via libssh2-devel
Yes, the certificates are generated by OpenSSL or compatible crypto library.   A client will get their ssh public key signed by the same Certificate Authority that the OpenSSH server has been configured with and then present their signed public key as part of the OpenSSH authentication process.   T

Re: ssh certificate support

2021-09-13 Thread Will Cosgrove via libssh2-devel
The only cert that is currently supported is using the OpenSSL backend with ecdsa-sha2-nistp256/521/384-cert-...@openssh.com certs. Cheers, Will > On Sep 13, 2021, at 1:34 PM, Benjamin C Forsyth via libssh2-devel > wrote: > > Yes, the certificates are generated by OpenSSL or compatible cryp