From bed3630f52e060de4afdebab1a5136eb53f9c6e3 Mon Sep 17 00:00:00 2001 From: Jakub Jelen Date: Oct 25 2020 20:38:07 +0000 Subject: Use current dates rather than 5 years old --- diff --git a/modules/system-administrators-guide/pages/infrastructure-services/OpenSSH.adoc b/modules/system-administrators-guide/pages/infrastructure-services/OpenSSH.adoc index 64eb94e..f84502e 100644 --- a/modules/system-administrators-guide/pages/infrastructure-services/OpenSSH.adoc +++ b/modules/system-administrators-guide/pages/infrastructure-services/OpenSSH.adoc @@ -449,7 +449,7 @@ Support for certificate authentication of users and hosts using the new OpenSSH ---- ~]# dnf install openssh -Last metadata expiration check performed 0:58:01 ago on Sun Sep 6 16:07:22 2015. +Last metadata expiration check performed 0:58:01 ago on Sun Sep 6 16:07:22 2020. Package openssh-7.1p1-1.fc23.x86_64 is already installed, skipping. ---- @@ -577,7 +577,7 @@ For example: ---- ~]# ssh-keygen -s ~/.ssh/ca_host_key -I host_name -h -n host_name.example.com -V -1w:+54w5d /etc/ssh/ssh_host_rsa.pub Enter passphrase: -Signed host key /root/.ssh/ssh_host_rsa-cert.pub: id "host_name" serial 0 for host_name.example.com valid from 2015-05-15T13:52:29 to 2016-06-08T13:52:29 +Signed host key /root/.ssh/ssh_host_rsa-cert.pub: id "host_name" serial 0 for host_name.example.com valid from 2020-05-15T13:52:29 to 2021-06-08T13:52:29 ---- [[sec-Distributing_and_Trusting_SSH_CA_Public_Keys]] @@ -723,7 +723,7 @@ Alternately, from the CA: ---- ~]# ssh-keygen -s ~/.ssh/ca_host_key -I host_name -h -n host_name.example.com -V -1d:+54w /home/admin/keys/ssh_host_rsa_key.pub Enter passphrase: -Signed host key /home/admin/keys/ssh_host_rsa_key-cert.pub: id "host_name" serial 0 for host_name.example.com valid from 2015-05-26T12:21:54 to 2016-06-08T12:21:54 +Signed host key /home/admin/keys/ssh_host_rsa_key-cert.pub: id "host_name" serial 0 for host_name.example.com valid from 2020-05-26T12:21:54 to 2021-06-08T12:21:54 ---- + Where _host_name_ is the host name of the system requiring the certificate. @@ -859,7 +859,7 @@ If you have configured the client system to trust the host signing key as descri ---- ~]# ssh-keygen -s ~/.ssh/ca_user_key -I user1 -n user1 -V -1d:+54w /home/admin/keys/id_rsa.pub Enter passphrase: -Signed user key /home/admin/keys/id_rsa-cert.pub: id "user1" serial 0 for host_name.example.com valid from 2015-05-21T16:43:17 to 2016-06-03T16:43:17 +Signed user key /home/admin/keys/id_rsa-cert.pub: id "user1" serial 0 for host_name.example.com valid from 2020-05-21T16:43:17 to 2021-06-03T16:43:17 ---- . Copy the resulting certificate to the user's `~/.ssh/` directory on their system. For example: @@ -950,7 +950,7 @@ To view a certificate, use the [option]`-L` to list the contents. For example, f Signing CA: RSA SHA256:y6f0DGlHe28YWotEypnhfk3WLYQ5TgaQwoSlOFwmmm0 Key ID: "user1" Serial: 0 - Valid: from 2015-05-27T00:09:16 to 2016-06-09T00:09:16 + Valid: from 2020-05-27T00:09:16 to 2021-06-09T00:09:16 Principals: user1 Critical Options: (none) @@ -972,7 +972,7 @@ To vew a host certificate: Signing CA: RSA SHA256:y6f0DGlHe28YWotEypnhfk3WLYQ5TgaQwoSlOFwmmm0 Key ID: "host_name" Serial: 0 - Valid: from 2015-05-26T17:19:01 to 2016-06-08T17:19:01 + Valid: from 2020-05-26T17:19:01 to 2021-06-08T17:19:01 Principals: host_name.example.com Critical Options: (none)