Hacker News new | ask | show | jobs
by nanis 606 days ago
> the SSH certificates issued by the Cloudflare CA include a field called ValidPrinciples

Having implemented similar systems before, I was interested to read this post. Then I see this. Now I have to find out if that really is the field, if this was ChatGPT spellcheck, or something else entirely.
1 comments
blueflow 606 days ago
For the others: The correct naming is "principals".
link
jgrahamc 606 days ago
Sigh. I'll get that fixed and figure out how that happened.
link
nanis 602 days ago
This was corrected to:

> ... SSH certificates issued by the Cloudflare CA include a field called valid_principals

which indicates it wasn't just the spelling of `principals`.

link
jgrahamc 602 days ago
It depends... ssh-keygen -L displays the fields as Principals (which are set using the -n parameter) and internally a lot of the OpenSSH code talks about AuthorizedPrincipals...
link