alex-sherwin opened a new pull request #194:
URL: https://github.com/apache/mina-sshd/pull/194


   Fully implements https://issues.apache.org/jira/browse/SSHD-1161
   
   This PR covers using OpenSSH client certificate publickey authentication 
from the MINA client code
   
   It's unit tested against OpenSSH sshd using testcontainers
   
   OpenSSH client certificate publickey authentication is an extension to 
https://datatracker.ietf.org/doc/html/rfc4252#section-7 as defined in 
https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.certkeys?annotate=HEAD
   
   It slightly modifies the existing MINA certkeys code, which was originally 
added to only support host certificates.  The most significant change to the 
existing code was renaming the `OpenSshCertificate.getServerHostKey` function 
to `OpenSshCertificate.getCertPubKey`, as `getServerHostKey` was a confusing 
name since a `OpenSshCertificate` instance can be either a server host cert or 
client cert.
   
   The unit test covers the following client certificate types (which are all 
the types that current stable OpenSSH enables by default):
   
   * [email protected]
   * [email protected]
   * [email protected]
   * [email protected]
   * [email protected]
   * [email protected]


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to