certificates for sshd

wwnexc · 11-06-2005, 12:06 PM

Hi,

i just implemented certificate authentification for opensshd. It works great.

I only have one question about this whole ordeal:

Code:

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile	.ssh/authorized_keys

what is the difference between PUBKEY and RSA? I know that i have an RSA-public key in each user's home folder under .ssh.

I think that this setting doesn't make any sense, and i couldn't find any info online about it (at least non i could understand).

Could somebody please explain the differences and common traits of PUBKEY and RSA-authentification.

Thank you sooo much!!

Capt_Caveman · 11-06-2005, 07:15 PM

AFAIK, the RSAAuthentication keyword only allows public key authentication using the RSA algorithm, while the PubkeyAuthentication keyword is more general and allows other types of authentication like DSA or Blowfish, along with RSA.

However a number of these PKI keywords used in SSH are being deprecated and replaced by the "AllowedAuthentications publickey" directive (at least in SSH2) so there is likely overlap with some keywords being kept around so that they will still be backwards-compatible with older SSH clients.

wwnexc · 11-06-2005, 08:28 PM

I see. Anyways i have disabled version 1 completely, as well as passwords.

I have disabled RSAauthentification, but enabled public keys. It works great now.

I think you are right: RSAauthentification only refers to ssh1.

thanks for your help!!!