[opensuse-factory] ssh + PKI
Any chance of getting latest version (released ad feb-2009) of ssh in? Current version in 11.1 is openssh-5.1p1, while in some home directories on the OBS lingers openssh-5.2p1-11.1. Major advancement with 5.2 version (if enabled at compile time !!) is the possiblity to use certificates (PKI) instead of just asymetric pre-shared-keys. Seems to be a major security step. hw -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org
Am Mittwoch 15 Juli 2009 schrieb Hans Witvliet:
Any chance of getting latest version (released ad feb-2009) of ssh in?
Current version in 11.1 is openssh-5.1p1,
Hi, Factory has openssh-5.2p1 since Feb 23. Greetings, Stephan -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org
On Wed, Jul 15, 2009 at 10:09:30AM +0200, Hans Witvliet wrote:
Any chance of getting latest version (released ad feb-2009) of ssh in?
Current version in 11.1 is openssh-5.1p1, while in some home directories on the OBS lingers openssh-5.2p1-11.1.
Major advancement with 5.2 version (if enabled at compile time !!) is the possiblity to use certificates (PKI) instead of just asymetric pre-shared-keys.
Seems to be a major security step.
Factory has openssh 5.2p1 already. Version / feature updates are rarely done for old products. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org
Hans Witvliet wrote:
Any chance of getting latest version (released ad feb-2009) of ssh in?
Current version in 11.1 is openssh-5.1p1, while in some home directories on the OBS lingers openssh-5.2p1-11.1.
Major advancement with 5.2 version (if enabled at compile time !!) is the possiblity to use certificates (PKI) instead of just asymetric pre-shared-keys.
Seems to be a major security step.
WoW!!! This would be huge! Many facilities block incoming access unless the session can be authenticated with CAC cards. CAC cards already work with the PCSC and Coolkey libraries, bringing CAC card support to Firefox and Thunderbird. A functioning ssh client would widen the market for SuSE and make my life a heck of a lot easier! Now, is there work to enable the ssh server to do certificate revocation checking? Regards, Lew Wolfgang -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org
participants (4)
-
Hans Witvliet -
Lew Wolfgang -
Marcus Meissner -
Stephan Kulow