https://bugzilla.mindrot.org/show_bug.cgi?id=3854
Bug ID: 3854
Summary: Add option "destination-address=address_list" to
ssh-keygen
Product: Portable OpenSSH
Version: 10.0p2
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: [email protected]
Reporter: [email protected]
Hi,
When creating a certificate with the command ssh-keygen, we see that we
can pass the "-O" options that will be integrated within the certicate.
I’d like to have a new options which could be called
destination-address
destination-address=address_list
Restrict the destination addresses to which the certificate is
considered valid. The address_list is a comma-separated list of one or
more address/netmask pairs in CIDR format.
Since now, we wouldn’t have the need of such options, as these options
were used in authorized_keys as as the authorized_keys was de facto
installed on a specific machine.
That way, when creating a certificat I could restrict to which server
the ssh-key can connect.
Regards,
cED
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
