Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Announce: X.509 certificates support in OpenSSH version 5.4

from [Roumen Petrov] Network Security [Permanent Link]
Subject: Announce: X.509 certificates support in OpenSSH version 5.4
Date: Thu, 27 Apr 2006 21:38:16 +0300 
Hi All,

The version 5.4 of "X.509 certificates support in OpenSSH" is ready for 
download.
On download page 
http://roumenpetrov.info.localhost/openssh/download.html#get_-5.4
you can found diffs for OpenSSH versions 4.2p1 and 4.3p2.


What's new:
* given up support for "x509v3-sign-rsa-sha1" and "x509v3-sign-dss-sha1"
    The implementation realised in previous version 5.3 is not fully in 
conformance
  with "draft-ietf-secsh-x509-02.txt"

* correct nid for OCSP responder location
    All version before 5.4 search for nid "id-pkix-ocsp-service-locator"
  instead for correct one "id-ad-ocsp" to find location of OCSP responder.

* public key permit X.509 certificate for authentication
    Now the public key listed in authorized keys file permit too a X.509 
certificate
  with public key that match it to be used in "public key authentication".

* client option "PubkeyAlgorithms"
    This new clent option specifies the protocol version 2 algorithms used in
  "publickey" authentication allowed to sent to the host.

* server option "KeyAllowSelfIssued"
    This new server option specifies whether only public key or certificate blob
  listed in authorized keys file can allow self-issued(self-signed) X.509
  certificate to be used for user authentication.


Please visit "http://roumenpetrov.info/openssh/"; for more information
about "X.509 certificates support in OpenSSH".


Regards,
Roumen Petrov


[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Announce: X.509 certificates support in OpenSSH version 5.4, Roumen Petrov <=
Previous by Date:  Empty Windows, Simon Goodwin
Next by Date:  sshd cannot be started normally after system crash, Eddie
Previous by Thread:  Empty Windows, Simon Goodwin
Next by Thread:  sshd cannot be started normally after system crash, Eddie
Indexes:  [Date] [Thread] [Top] [All Lists]