Hello, just wondering if X2GO has capabilities to work with signed certificates. I am currently using x2go to connect to a centos 6.1 server with essentially an interface to mysql. The connection is done through public and private keys, with authorised key file(public key) on the users home directory on the server. I want to switch to signed certificates, will x2go support this?
I use vault by hashicorp to sign my certificate after public key is sent to it, then I authenticate using private key and signed certificate to the host. The command is: ssh -i signed-cert -i ~/.ssh/id_rsa username@ip_address
On Thu, Jun 20, 2019 at 10:22 AM High Grandmaster Lord Zeronious <lolkidrock@gmail.com> wrote:
Hello, just wondering if X2GO has capabilities to work with signed certificates. I am currently using x2go to connect to a centos 6.1 server with essentially an interface to mysql. The connection is done through public and private keys, with authorised key file(public key) on the users home directory on the server. I want to switch to signed certificates, will x2go support this?
I use vault by hashicorp to sign my certificate after public key is sent to it, then I authenticate using private key and signed certificate to the host. The command is: ssh -i signed-cert -i ~/.ssh/id_rsa username@ip_address
x2go supports using an ssh-agent. If signed certificates are supported by the agent it might work but AFAIK ssh-agent does not offer that functionality.
Apart from that: you are doing big efforts to secure the access to your site but at the same time you are running an old, unpatched operating system? CentOS6 is at 6.10 currently! (Security updates are only offered for the latest minor version within a major version, see https://wiki.centos.org/FAQ/General#head-dcca41e9a3d5ac4c6d900a991990fd11930...)
Uli
-
High Grandmaster Lord Zeronious -
Ulrich Sibiller