Public key authentication (PKA) allows a user to connect to the Copssh server without sending a password over the Internet. PKA uses a key pair: a private key and a public key. The private key represents user's identity and should be kept in a secure place and protected with a passphrase. The corresponding public key is automatically added to the list of public keys accepted by the user on the Copssh server.
Copssh Control Panel is now updated with a management framework for PKA administration:
- Wizard for creation of key pairs: Select key types rsa, dsa and ecdsa with supported keylengths, save private keys with an optional passphrase and add the public key to the list of authorized keys.
- Remove a public key from the list of authorized keys.
- Update comment and/or options fields of a public key
NB! This is just an attempt to make PKA setup easier. If you are a seasoned PKA veteran, you can update the underlying system files directly according to your requirements.
It's been observed that auto-populating the user list from domains with many users is very time consuming and leads to hangs and problems. User Activation Wizard in the Control Panel uses now a text entry field for domain users or if the local host is a domain controller. Auto-populated user list is still the preferred way to select local users on hosts which are not domain controllers.
Copssh 4.1.0 contains also the security patch for OpenSSL 0.9.8r.
