Hacker News new | ask | show | jobs
by slt2021 1327 days ago
I was not able to find whether openssh can be exploited with this CVE by presenting malicious client auth certificate.

would be glad if someone could clarify whether openssh has this vulnerability?
1 comments
formerly_proven 1327 days ago
OpenSSH doesn't support X.509 certificates.
link
xorcist 1327 days ago
Nor does it call any SSL-related function.

OpenSSH only links to OpenSSL for the cryptographic primitives. SSH and SSL are different protocols.

link