Skip to content

Releases: binarycodes/ssh-key-signer

Release v0.0.10

08 Feb 11:12
@github-actions github-actions
Immutable release. Only release title and notes can be modified.
v0.0.10
This tag was signed with the committer’s verified signature.
binarycodes Sujoy Das
GPG key ID: 1259AD35A207EFB0
Verified
Learn about vigilant mode.
0303c12
This commit was signed with the committer’s verified signature.
binarycodes Sujoy Das
GPG key ID: 1259AD35A207EFB0
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v0.0.10 Latest
Latest

Packing and ci/cd workflow related changes only.

Assets 7
Loading

Release v0.0.9

05 Jan 01:27
@github-actions github-actions
Immutable release. Only release title and notes can be modified.
v0.0.9
This tag was signed with the committer’s verified signature.
binarycodes Sujoy Das
GPG key ID: 1259AD35A207EFB0
Verified
Learn about vigilant mode.
18e45b8
This commit was signed with the committer’s verified signature.
binarycodes Sujoy Das
GPG key ID: 1259AD35A207EFB0
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v0.0.9

Fixes

  • Add cert in agent for the entire cert duration
Loading

Release v0.0.8

14 Dec 21:07
@github-actions github-actions
Immutable release. Only release title and notes can be modified.
v0.0.8
This tag was signed with the committer’s verified signature.
binarycodes Sujoy Das
GPG key ID: 1259AD35A207EFB0
Verified
Learn about vigilant mode.
fa7fdce
This commit was signed with the committer’s verified signature.
binarycodes Sujoy Das
GPG key ID: 1259AD35A207EFB0
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v0.0.8

Fix packages for Debian and Arch Linux

Loading

Release v0.0.7

05 Nov 17:58
@github-actions github-actions
Immutable release. Only release title and notes can be modified.
v0.0.7
This tag was signed with the committer’s verified signature.
binarycodes Sujoy Das
GPG key ID: 1259AD35A207EFB0
Verified
Learn about vigilant mode.
76fa0c2
This commit was signed with the committer’s verified signature.
binarycodes Sujoy Das
GPG key ID: 1259AD35A207EFB0
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v0.0.7

Bug fixes and packages for Debian and Arch Linux

Loading

Release v0.0.6

02 Nov 13:39
@github-actions github-actions
Immutable release. Only release title and notes can be modified.
v0.0.6
This tag was signed with the committer’s verified signature.
binarycodes Sujoy Das
GPG key ID: 1259AD35A207EFB0
Verified
Learn about vigilant mode.
65cd9d8
This commit was signed with the committer’s verified signature.
binarycodes Sujoy Das
GPG key ID: 1259AD35A207EFB0
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v0.0.6

For user certificates, specifying the key file is now optional.
If key is not specified then a new ed25519 key pair and certificate for it is generated.

This private key and the certificate is added to the user's ssh-agent.
So the ssh-agent must already be running.

Loading

Release v0.0.5

11 Oct 22:26
@github-actions github-actions
Immutable release. Only release title and notes can be modified.
v0.0.5
This tag was signed with the committer’s verified signature.
binarycodes Sujoy Das
GPG key ID: 1259AD35A207EFB0
Verified
Learn about vigilant mode.
377fdc6
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v0.0.5

The ssh-keysign-linux-amd64 binary now supports both host certificate and user certificate signing.

New configuration options for the ssh-key-signer-server, for example,

SOURCE_ADDRESSES: 10.10.0.0/16
KNOWN_EXTENSIONS: permit-pty,permit-agent-forwarding

The existing validity options now support duration formats, s - second, h - hour, etc.

CA_USER_VALIDITY: 30m
CA_HOST_VALIDITY: 365d

The client app ssh-keysign-linux-amd64 now takes options from either parameter, environment variables or a config file.

Sample configuration file may look like the following,

Warning

The sample config uses the default test setup in the project. Configure the values according to your environment

log-level: "error"       # error|warn|info|debug
log-dest: "stderr"       # stderr|stdout|file

ca-server-url: "http://localhost:8088"
client-id: "my-test-client"
client-secret: "UTRtYkyYN1nbgdPPbBru1FDVsE8ye5JE"
token-url: "http://10.88.0.100:8090/realms/my-test-realm/protocol/openid-connect/token"

user:
  key: "testdata/id.pub"
  principal:
    - alice
  duration: 3600

host:
  key: "testdata/id.pub"
  principal:
    - webserver
  duration: 3600

Note

The java based separate host and user cert generators are now removed.

Loading

Release v0.0.4

12 Sep 14:10
@github-actions github-actions
v0.0.4
0e8ddb2

Choose a tag to compare

View all tags
Release v0.0.4

match authenticated user and principal before signing certificate for user

Loading

Release v0.0.3

08 Sep 19:13
@github-actions github-actions
v0.0.3
891c212

Choose a tag to compare

View all tags
Release v0.0.3

Configurable validity period for user and host certificate in days.

sample configuration in spring boot properties

CA_USER_VALIDITY: 1
CA_HOST_VALIDITY: 365
Loading

Release v0.0.1

26 Apr 12:21
@github-actions github-actions
v0.0.1
63c7aef

Choose a tag to compare

View all tags
Release v0.0.1

Initial release for the key signer.

Loading