bes2008
commented
3 years ago Open norrisjeremy opened 3 years ago
bes2008
commented
3 years ago 
norrisjeremy
commented
3 years ago FYI, I spent a bit of time earlier this week reviewing the change from the is/jsch fork and it didn't appear to be quite as complete as I originally thought.
If I'm understanding the changeset correctly, it appears to have only added support for transmitting users' OpenSSH certificates to the server for public key authentication. It doesn't appear to include support for HostCertificates sent by SSH servers in lieu of HostKeys. I also don't believe it added support for generating OpenSSH certificates files either.
Eventually I may still circle around to seeing what it would take to integrate this change, as well as add the missing items I noted above.
The JSch fork at is/jsch appears to have support for OpenSSH certificates. See addb8e3.