ssh-keysign
E911266
ssh-keysign is an OpenSSH helper program used by the SSH client to perform host-based authentication by securely signing data with host keys.
Statements (46)
| Predicate | Object |
|---|---|
| instanceOf |
OpenSSH helper program
ⓘ
software program ⓘ |
| authenticates | client host to remote server ⓘ |
| category |
SSH authentication helper
ⓘ
cryptographic utility ⓘ |
| communicationMethod |
standard input
ⓘ
standard output ⓘ |
| distribution |
OpenBSD base system
NERFINISHED
ⓘ
most Linux distributions with OpenSSH ⓘ |
| doesNot |
read user private keys
ⓘ
run as a standalone interactive program ⓘ |
| implements | host-based authentication protocol ⓘ |
| introducedFor | supporting SSH host-based authentication without exposing host keys to users ⓘ |
| invokedBy | ssh ⓘ |
| license | BSD-style license ⓘ |
| maintainedBy | OpenSSH developers ⓘ |
| manPage | ssh-keysign(8) ⓘ |
| operatesAt | application layer ⓘ |
| partOf | OpenSSH NERFINISHED ⓘ |
| performs | cryptographic signing ⓘ |
| programmingLanguage | C ⓘ |
| readsConfigurationFrom |
/etc/ssh/ssh_config
ⓘ
~/.ssh/config ⓘ |
| readsHostKeysFrom |
/etc/ssh/ssh_host_ecdsa_key
ⓘ
/etc/ssh/ssh_host_ed25519_key ⓘ /etc/ssh/ssh_host_rsa_key ⓘ |
| requires | access to system host private keys ⓘ |
| requiresOption |
EnableSSHKeysign yes
ⓘ
HostbasedAuthentication yes ⓘ |
| runsOn |
FreeBSD
NERFINISHED
ⓘ
Linux ⓘ OpenBSD NERFINISHED ⓘ Unix-like operating systems ⓘ macOS NERFINISHED ⓘ |
| securityGoal | protect host private keys from exposure to ssh client process ⓘ |
| securityModel | setuid root helper ⓘ |
| signsWith | host keys ⓘ |
| supports |
ecdsa-sha2-nistp256 host keys
ⓘ
ecdsa-sha2-nistp384 host keys ⓘ ecdsa-sha2-nistp521 host keys ⓘ ssh-ed25519 host keys ⓘ ssh-rsa host keys ⓘ |
| upstreamProject | OpenSSH Portable NERFINISHED ⓘ |
| usedBy | ssh client ⓘ |
| usedFor | host-based authentication ⓘ |
| uses | OpenSSH libssh codebase NERFINISHED ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.