SSH User authentication using Certificate

blackeyedpees · 03-19-2010, 06:50 AM

Hi all,

I was trying to configure user authentication in SSH using certificate method.
As u all know the usual way of authentication is using the ssh-keygen method. But i want the another method where we create a certificate key and send it to the CA, which signs it and send back etc etc..

I cannot find any unique procedure in the net to configure this method.

Can u guys help me in getting this figured out.

Thanks in advance.

acid_kewpie · 03-19-2010, 07:15 AM

It seems that you'd need to patch openssh to achieve this, but is certaibnly possible... http://www.roumenpetrov.info/openssh/#news

blackeyedpees · 03-19-2010, 07:29 AM

Quote:

Originally Posted by acid_kewpie

It seems that you'd need to patch openssh to achieve this, but is certaibnly possible... http://www.roumenpetrov.info/openssh/#news

Thanks chris for ur quiick response.
I am loooking for a step by step procedure to configure this.

acid_kewpie · 03-19-2010, 08:01 AM

Not everything in life has a "step by step guide". there should be details in the source code for the additional functionality it provides. Note that this is NOT a common thing to want to do, so you need to appreciate you'll possibly need to think more about what you're doing, and not want a "dummies guide" here. From what it does I can't imagine it's exactly tricky - configure the server to look at the right root CA certs and tell the client where it's certificate is, and enable that authentication method i should imagine. within SSH there can't be much more too it.