OpenBSD SSH, SSL and IKED CA server

Configuration of an OpenBSD rugged secured server to obtain a private CA for SSH, SSL and iked.

Reverse a private server, kvm instance, docker or another container for this type of application. It'll be useful have it on a spare encrypted USB disk or virtual hided disk. I've got one mounted on a dedicated macppc OpenBSD instance. I use it like local LAN resolver, SNMP collector and, how not, like a CA server.

taglio@cyberanarkhia:/home/taglio$ uname -a
OpenBSD cyberanarkhia.telecom.lobby 6.8 GENERIC.MP#3 macppc
taglio@cyberanarkhia:/home/taglio$

CA server

No everyone know it, but sshd as ssl can use certificate based authentication. It's a feature of openssh.

Just clone this repository on the OpenBSD CA server machine:

$ mkdir -p Sources/Git
$ cd Sources/Git
$ git clone https://github.com/redeltaglio/OpenBSD-private-CA.git
$ cd OpenBSD-private-CA

Our setup_node script got some options:

install -> create SSH and SSL private CA
verify -> printout and verify certificates
reset -> reset filesystem hierarchy and delete certificates and keys
transfer -> tar files on /home/$USER

Nice Regards,

Riccardo <taglio> Giuntoli.

Name		Name	Last commit message	Last commit date
Latest commit History 481 Commits
apache		apache
src		src
LICENSE		LICENSE
README.md		README.md
git_openbsd-private-ca.sh		git_openbsd-private-ca.sh
setup_ca		setup_ca
setup_host		setup_host
user.exp		user.exp
workstation_create_pass_key_ssh_ca.sh		workstation_create_pass_key_ssh_ca.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

OpenBSD SSH, SSL and IKED CA server

CA server

About

Releases

Packages

Languages

License

redeltaglio/OpenBSD-private-CA

Folders and files

Latest commit

History

Repository files navigation

OpenBSD SSH, SSL and IKED CA server

CA server

About

Topics

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages