top | item 35322345 (no title) vaporary | 2 years ago SSH host certificates as somewhat of an abominationMany would say x509 is the real abomination. discuss order hn newest OrvalWintermute|2 years ago I might not disagree with you there.However, for all its warts, x509 due to hardware implementations, seems a great deal more secure than sitting on the FS SSH host certificates. fmajid|2 years ago OpenSSH supports FIDO keys since 8.2p1 and has supported smart cards via GPG longer. load replies (1)
OrvalWintermute|2 years ago I might not disagree with you there.However, for all its warts, x509 due to hardware implementations, seems a great deal more secure than sitting on the FS SSH host certificates. fmajid|2 years ago OpenSSH supports FIDO keys since 8.2p1 and has supported smart cards via GPG longer. load replies (1)
fmajid|2 years ago OpenSSH supports FIDO keys since 8.2p1 and has supported smart cards via GPG longer. load replies (1)
OrvalWintermute|2 years ago
However, for all its warts, x509 due to hardware implementations, seems a great deal more secure than sitting on the FS SSH host certificates.
fmajid|2 years ago