Flexible, Secure SSH with DNSSEC
-
How would this affect a jumpbox?
-
OpenSSH_6.6.1p1, OpenSSL 1.0.1e-fips 11 Feb 2013
This is the output from a fresh CentOS7 install. Seems to be at 6.1 alright?
-
Oh, needs to be 6.2
-
@anonymous said:
How would this affect a jumpbox?
It would make it easier to manage. All of the public side of the keys would be picked up through DNSSEC instead of pushing them out through custom scripts, Chef, Ansible or making users do it individually.
-
Upgrading OpenSSH to 6.2 seems like a pain. Anyone have a easy way to do it?
-
@anonymous said:
Upgrading OpenSSH to 6.2 seems like a pain. Anyone have a easy way to do it?
Wait until RHEL adds it?
-
Run Fedora?
-
@JaredBusch said:
@anonymous said:
Upgrading OpenSSH to 6.2 seems like a pain. Anyone have a easy way to do it?
Wait until RHEL adds it?
That should be CentOS 8
-
@scottalanmiller said:
@JaredBusch said:
@anonymous said:
Upgrading OpenSSH to 6.2 seems like a pain. Anyone have a easy way to do it?
Wait until RHEL adds it?
That should be CentOS 8
This is currently an emerging technology. So really, anyone trying to implement should NOT be expecting an easy way to do something.
-
Not yet, in a year or two, I'd expect it to get there.