4
A number of Linux servers has been set up, so that they have TrustedUserCAKeys
in their sshd_config.
My public ssh key is not and should not be installed on any of these servers. Instead, when I need access to any of these service, I get a piece of software to sign my public ssh key with the CA certificate that the servers trust as above. The issued signature is short-timed so it's valid, say, for half an hour.
Say, my private key is stored in mykey
file and my public key is stored in mykey.pub
file. So said piece of software authenticates me and, when it's satisfied that I have necessary access, issues me with a signature of my mykey.pub
, that I then store in mykey-cert.pub
file. With all three files in the current directory I issue this command on Linux:
ssh -i mykey myname@server
and I'm in.
I would like to be able to access these Linux servers from windows too. I of course could try and use cygwin or msys ssh, but I like the convenience of putty.
Is there any way for me to make putty understand and communicate my CA signed key to the servers?
1
Looks like putty does not support it. Bummer!
– Andrew Savinykh – 2017-07-27T01:01:44.7931Looks like you found your own answer. Please post it as a proper Answer (rather than just a comment), and then accept your own Answer by clicking the checkmark next to your Answer. That way SuperUser will show that this question has been resolved. – Spiff – 2017-07-27T01:17:58.663
@Spiff it's a good practice to keep questions open for a few days to give others a chance to contribute. – Andrew Savinykh – 2017-07-27T01:35:24.357
@AndrewSavinykh You clearly have an answer. You should submit an answer today. A few days won't change the fact you have an answer. If somebody submits a better answer you can always change your accepted answer. Putty doesn't support it, that won't change in a few days, that will never change until the software is updated. – Ramhound – 2017-07-27T01:43:15.490
@Ramhound, I'm always surprised to ingenuity of our excellent community, who can come up with unexpected and brilliant answers when you least expect that. You could be surprised. But even if not - no harm done. – Andrew Savinykh – 2017-07-27T02:06:01.757
Doesn't change the fact you should still submit your answer – Ramhound – 2017-07-27T02:10:30.370
@Ramhound I totally intend to. – Andrew Savinykh – 2017-07-27T02:11:31.147
@AndrewSavinykh When do you think you'll do that? – SimonJGreen – 2017-12-12T19:51:07.840
@SimonJGreen thank you for reminding me, I accepted the answer. – Andrew Savinykh – 2017-12-12T22:18:10.617