version 1.15, 2018/07/03 11:39:54 |
version 1.18, 2021/06/04 04:02:21 |
|
|
ecdsa-sha2-nistp256-cert-v01@openssh.com |
ecdsa-sha2-nistp256-cert-v01@openssh.com |
ecdsa-sha2-nistp384-cert-v01@openssh.com |
ecdsa-sha2-nistp384-cert-v01@openssh.com |
ecdsa-sha2-nistp521-cert-v01@openssh.com |
ecdsa-sha2-nistp521-cert-v01@openssh.com |
|
ssh-ed25519-cert-v01@openssh.com |
|
|
Two additional types exist for RSA certificates to force use of |
Two additional types exist for RSA certificates to force use of |
SHA-2 signatures (SHA-256 and SHA-512 respectively): |
SHA-2 signatures (SHA-256 and SHA-512 respectively): |
|
|
certificates may be presented from any |
certificates may be presented from any |
source address. |
source address. |
|
|
|
verify-required empty Flag indicating that signatures made |
|
with this certificate must assert FIDO |
|
user verification (e.g. PIN or |
|
biometric). This option only make sense |
|
for the U2F/FIDO security key types that |
|
support this feature in their signature |
|
formats. |
|
|
Extensions |
Extensions |
---------- |
---------- |
|
|
|
|
|
|
Name Format Description |
Name Format Description |
----------------------------------------------------------------------------- |
----------------------------------------------------------------------------- |
|
no-touch-required empty Flag indicating that signatures made |
|
with this certificate need not assert |
|
FIDO user presence. This option only |
|
make sense for the U2F/FIDO security |
|
key types that support this feature in |
|
their signature formats. |
|
|
permit-X11-forwarding empty Flag indicating that X11 forwarding |
permit-X11-forwarding empty Flag indicating that X11 forwarding |
should be permitted. X11 forwarding will |
should be permitted. X11 forwarding will |
be refused if this option is absent. |
be refused if this option is absent. |