8 thoughts on “Use an X.509 certificate for SSH Login

  1. Just to expand the tip about the ~/.ssh/config file, you can also enter the username and some other info there. Something like this works for me:

    Host projetos.xxx.com.br
    User ubuntu
    Port 22
    IdentityFile ~/.ssh/key1.pem

    Host awshost.xxxx.net
    User ec2-user
    Port 22
    IdentityFile ~/.ssh/awsadmin.key

    So I only need to type

    ssh projetos.xxx.com.br

  2. I just like the helpful information you provide to your articles. I’ll bookmark your blog and take a look at again here frequently. I’m fairly sure I will be informed many new stuff right here! Good luck for the next!

  3. Interesting article, I use my SuisseID Hard Token for SSH Logins now.
    But what you’re doing is basicly “converting” an X.509-Key to an OpenSSH Key. The “key feature” (in my view) of a X.509 PKI got lost: The possibility to revoke a key.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s