OpenSSH SSH certificate : Royal Apps

A

Alex K.

started a topic about 2 years ago

Hi Royal Apps,

Would it be possible to support OpenSSH certificate as an authentication method to login?

In the latest PuTTY version 0.78, there is support for this method (see screenshot).

One of the major security benefits of using signed cert is its validity period.

Thanks.

putty-ssh-ce...

(80.6 KB)

J

Jengjie Shen

said over 1 year ago

Hi, Felix,

OK. We will prepare the lab to try both Royal TS and TSX for OpenSSH certificate authentication and use your advise on TSX. Thanks again!

J

Jengjie Shen

said over 1 year ago

Hi, Felix,

I can confirm that Royal TSX v6 supports OpenSSH certificate authentication just like you described.

Thanks.

Felix Deimel

said over 1 year ago

Hi Jengjie,

that's great to hear! Thx for letting us know.

cheers,

Felix

J

Jengjie Shen

said over 1 year ago

Hi, One more question: Which folder should I put private key and -cert.pub in when I use TSX to connect to sftp via the ssh terminal profile? I can use sftp command in macOS Terminal.app to connect to sftp server with private key and -cert.pub in ~/.ssh successfully. But using TSX, the sftp connection will complaint the public key mismatch the private key.

Felix Deimel

said over 1 year ago

Hi Jengjie,

unfortunately that's not a supported scenario at the moment.

While SSH connections use the built-in OpenSSH client of macOS in Royal TSX, SFTP and SCP connections use a third party library from Rebex which currently does not support OpenSSH certificates.

So while we hope that Rebex will get around to implementing OpenSSH certificates in addition to X.509 certificates, there's no guarantee that this will happen.

Sorry for the bad news.

cheers,

Felix

How can we help you today?