[Bug 2305] New: sshd does not accept @cert-authority when doing host based authentication.

bugzilla-daemon Tue, 04 Nov 2014 23:47:04 -0800

https://bugzilla.mindrot.org/show_bug.cgi?id=2305


            Bug ID: 2305
           Summary: sshd does not accept @cert-authority when doing host
                    based authentication.
           Product: Portable OpenSSH
           Version: 6.5p1
          Hardware: amd64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: sshd
          Assignee: [email protected]
          Reporter: [email protected]

Created attachment 2503
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2503&action=edit
sshd_config same on both machines.

When doing host based authentication using signed host keys you need to
have the connecting host in /etc/ssh/ssh_known_hosts. @cert-authority
is not enough. 

When running sshd in debug-mode it seems it first accepts the cert with
CA. but then requires the actual host to be in ssh_known_hosts anyway.

Hm only one attachment?
the ssh_known_hosts has only one line looking something like:

@cert-authority * ssh-rsa AAAA....

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2305] New: sshd does not accept @cert-authority when doing host based authentication.

Reply via email to