[
https://issues.apache.org/jira/browse/GUACAMOLE-1290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17285711#comment-17285711
]
Marco Passerini commented on GUACAMOLE-1290:
--------------------------------------------
>From what I saw in the code, it should be enogh to add a public-key form in
>the guacamole-client, and modify the REST API of guacamole-server to include
>the public-key on that side as well. Then edit the logic in this section:
>[https://github.com/apache/guacamole-server/blob/master/src/common-ssh/key.c#L79]
> Currently the code is generating the public key from the private key. It
>should instead use the one provided by the user, if available. And do
>something like "ssh -i privatekey -i publickey hostname".
> Add support for SSH certificates
> --------------------------------
>
> Key: GUACAMOLE-1290
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1290
> Project: Guacamole
> Issue Type: New Feature
> Components: SSH
> Reporter: Marco Passerini
> Priority: Major
>
> Guacamole does not work with SSH certificates. In order to log in with SSH
> certificates, one would need to include the public key, signed by the CA, in
> addition to the private key.
> More documentation on how this works is provided here:
> [https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/sec-using_openssh_certificate_authentication]
> The feature was requested first on the user mailing list:
> [http://mail-archives.apache.org/mod_mbox/guacamole-user/202102.mbox/%3CCALKeL-OJB7FGxdoyekJW-G12-ppdRVJ%2BWs%3DTP%2BAingWcuZEdig%40mail.gmail.com%3E]
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
