[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] basic client certificate support for libssh
[Thread Prev] | [Thread Next]
- Subject: Re: [PATCH] basic client certificate support for libssh
- From: Axel Eppe <aeppe@xxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Sun, 01 Mar 2015 17:31:33 +0000
- To: libssh@xxxxxxxxxx
...and I forgot to mention: Signed-off-by: Axel Eppe <aeppe@xxxxxxxxxx> On Sun Mar 01 2015 at 5:22:28 PM Axel Eppe <aeppe@xxxxxxxxxx> wrote: > Hi, > > Please find attached a patch that adds basic openssh.com certificate > support for libssh clients. This patch is very simple and key type > agnostic: it sends the certificate blob as-is to the server, instead of the > public key. This can be a first step before a more in-depth certificate > support that includes the server side as well. > > Agent authentication works out of the box without any modification. File > and base64-encoded blob methods only require 2 additional steps, i.e. > loading the cert as a public key, and copying it into the private key, via > a new "ssh_pki_copy_cert_to_privkey" function: > > ssh_key privkey = ssh_pki_import_privkey_file(path_to_privkey_file, NULL, > NULL, NULL, &privkey); > ssh_key cert = ssh_pki_import_pubkey_file(path_to_pubkey_file, &pubkey); > rc = ssh_pki_copy_cert_to_privkey(pubkey, privkey); > >
| [PATCH] basic client certificate support for libssh | Axel Eppe <aeppe@xxxxxxxxxx> |