From owner-freebsd-current@FreeBSD.ORG Thu Nov 16 12:17:49 2006 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6598A16A416 for ; Thu, 16 Nov 2006 12:17:49 +0000 (UTC) (envelope-from marc@msys.ch) Received: from sleipnir.msys.ch (smtp.msys.ch [157.161.101.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id A7D7E43D5F for ; Thu, 16 Nov 2006 12:17:47 +0000 (GMT) (envelope-from marc@msys.ch) Received: from localhost (smtp.msys.ch [157.161.101.10]) by sleipnir.msys.ch (8.13.4/8.13.4) with ESMTP id kAGCHVOY008671; Thu, 16 Nov 2006 13:17:31 +0100 (CET) Received: from merlin.etc.msys.ch (merlin.etc.msys.ch [213.189.137.178]) by mail.msys.ch (Horde MIME library) with HTTP; Thu, 16 Nov 2006 13:17:31 +0100 Message-ID: <20061116131731.5101k7e5mokgw4o4@mail.msys.ch> Date: Thu, 16 Nov 2006 13:17:31 +0100 From: Marc Balmer To: Daniel Hartmeier References: <20061115142820.GB14649@insomnia.benzedrine.cx> In-Reply-To: <20061115142820.GB14649@insomnia.benzedrine.cx> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; DelSp="Yes"; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: 7bit User-Agent: Internet Messaging Program (IMP) H3 (4.1) X-SMTP-Vilter-Version: 1.3.3 X-Spamd-Symbols: ALL_TRUSTED,AWL X-Mailman-Approved-At: Thu, 16 Nov 2006 12:34:54 +0000 Cc: tech@openbsd.org, openssh-unix-dev@mindrot.org, markus@openbsd.org, freebsd-current@freebsd.org Subject: Re: OpenSSH Certkey (PKI) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Nov 2006 12:17:49 -0000 Quoting Daniel Hartmeier : > This patch against OpenBSD -current adds a simple form of PKI to > OpenSSH. We'll be using it at work. See README.certkey (the first chunk > of the patch) for details. > > Everything below is BSD licensed, sponsored by Allamanda Networks AG. I like this very much. We have to administrate quite a number of OpenBSD machines (>100) so this comes in very handy. I have seen becks@ concerns and seeing that Andre already allocated ressources to extend it makes me confident that this actually is in good hands. That said, I am in favour of this new functionality. After all it's optional, nobody is forced to use it. It would be nice if this could get committet (after some more testing and with a huge number of oks ;) - Marc Balmer ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.