SSH Certificate Format

SSH Certificate Format OpenSSH

djm@openssh.com https://www.openssh.com/

General Internet Engineering Task Force ssh certificate This document presents a lightweight certificate format that may be used in the context of the Secure Shell (SSH) protocol for user and host authentication.

Introduction Secure Shell (SSH) is a protocol for secure remote connections and login over untrusted networks. SSH uses public key signatures for host authentication and commonly uses them for user authentication. This document describes a lightweight certificate format for use in these contexts. It may be used for server authentication as part of key exchange () and for user public key authentication ().

Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

Certificate Format All values in a certificate are encoded using the SSH wire representations specified by . Additionally, the type "byte[]" indicates a sequence of bytes where the length is determined by context. All lengths are in bytes unless otherwise specified.

Public certificate format

General structure and common fields Certificates have the following general structure: string key type string nonce byte[] public key fields uint64 serial number uint32 certificate role string identifier string principals uint64 valid after uint64 valid before string critical options string extensions string reserved string signature key string signature The "key type" string identifies the certificate type, e.g. "ssh-ed25519-cert" identifies an ED25519 certificate. The valid certificate types are listed below. The "nonce" field contains a random nonce. This value MUST be at least 16 bytes in length. 32 bytes is typical. The "public key fields" section contains the actual public key material. These are specified below for each certificate type. The "certificate role" field indicates the role of the certificate, either SSH2_CERT_TYPE_USER for user authentication certificates or SSH2_CERT_TYPE_HOST authentication certificates. The "identifier" field contains a UTF-8 encoded, human-readable identifier for the certificate, suitable for display to the user, recording in logs, etc. The "principals" field contains one or more UTF-8 encoded names, themselves encoded as strings, for example: string principal[0] string principal[1] ... string principal[N] These names identify the principals the certificate is intended to authenticate. In the case of user certificates, these will typically be user names, whereas for host certificates they will be host names and/or numerical addresses. The "valid after" and "valid before" field represent a validity interval for the certificate with each field being interpreted as a number of seconds since the Unix epoch (00:00:00 UTC on 1 January 1970) except for two special values. A zero value in the "valid after" field indicates that the certificate is valid from any time to the "valid before" date. A all-1s (i.e. 0xFFFFFFFFFFFFFFFF) value in the "valid before" field indicates that the certificate has no end expiry date. The "critical options" field contains zero or more of the certificate options described in and encoded as described in . If an implementation does not recognise or support a particular option contained in a certificate, then it MUST refuse to accept the certificate for authentication. The "extensions" field similarly contains zero or more of the certificate extensions described in and encoded as described in . An implementation that does not recognise or support an extension present in a certificate extension section MUST ignore the extension. The "reserved" field is reserved for future use. Implementations MUST ignore the contents of this field if it is not empty. The "signature key" field contains the certification authority (CA) key used to sign the certificate, encoded as a SSH public key blob. Implementations MUST NOT accept certificate keys as CA keys. The "signature" field contains a signature, made using the CA signature key over the entire certificate excluding the "signature" field itself (i.e. everything from the "key type" up to and including the "signature key"). The signature is encoded using the standard SSH signature encoding for the CA key type in question, e.g. for ECDSA CA keys.

DSA certificates DSA certificates have key type "ssh-dss-cert" and certify DSA keys as defined in . This format is equivalent to the vendor extension "ssh-dss-cert-v01@openssh.com". string "ssh-dss-cert" string nonce mpint p mpint q mpint g mpint y uint64 serial number uint32 certificate role string identifier string principals uint64 valid after uint64 valid before string critical options string extensions string reserved string signature key string signature The "p", "q", "g" values are the DSA domain parameters. "y" is the public key value. These values are as defined by Section 4.1 of .

ECDSA certificates ECDSA certificates are represented by the key types "ecdsa-sha2-nistp256-cert", "ecdsa-sha2-nistp384-cert" and "ecdsa-sha2-nistp521-cert". They respectively certify "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384" and "ecdsa-sha2-nistp521" respectively, as defined by . This format is equivalent to the vendor extensions "ecdsa-sha2-nistp256-cert-v01@openssh.com", "ecdsa-sha2-nistp384-cert-v01@openssh.com" and "ecdsa-sha2-nistp521-cert-v01@openssh.com". string "ecdsa-sha2-nistp256-cert" | "ecdsa-sha2-nistp384-cert" | "ecdsa-sha2-nistp521-cert" string nonce string ecdsa_curve_name string Q uint64 serial number uint32 certificate role string identifier string principals uint64 valid after uint64 valid before string critical options string extensions string reserved string signature key string signature The value "Q" is the ECDSA public value as defined by Section 6.2 of .

EDDSA certificates EDDSA certificates have key type "ssh-ed25519-cert" or "ssh-ed448-cert" and certify Ed25519 and Ed448 keys (respectively) as defined by . This format is equivalent to the vendor extension "ssh-ed25519-cert-v01@openssh.com". string "ssh-ed25519-cert" | "ssh-ed448-cert" string nonce string ENC(A) uint64 serial number uint32 certificate role string identifier string principals uint64 valid after uint64 valid before string critical options string extensions string reserved string signature key string signature The value ENC(A) is the EDDSA public key, the contents and interpretation of which are defined by .

RSA certificates RSA certificates have type "ssh-rsa-cert". These certify RSA, as defined in . This format is equivalent to the vendor extension "ssh-rsa-cert-v01@openssh.com". string "ssh-rsa-cert" string nonce mpint e mpint n uint64 serial number uint32 certificate role string identifier string principals uint64 valid after uint64 valid before string critical options string extensions string reserved string signature key string signature "n" is the public composite modulus and "e" is the public exponent. These values are defined by Section 5.1 of .

RSA SHA2 signature algorithms specifies RSA variants that use SHA256 and SHA512. Advertising support for these algorithms with certificates (e.g. in the SSH_MSG_KEXINIT server_host_key_algorithms field) is possible using the algorithm names "rsa-sha2-256-cert" and "rsa-sha2-512-cert". These names should only be used when advertising or requesting signature algorithms and should never appear as the key type in serialised public keys. The equivalent pre-standardisation vendor extension names are "rsa-sha2-256-cert-v01@openssh.com" and "rsa-sha2-512-cert-v01@openssh.com".

Other certificate formats SSH clients and server clients MAY support additional key types not documented here. Vendor-specific key types should use the domain-qualified naming convention defined in .

Option / extension encoding The "critical options" and "extensions" certificate sections use the same format for encoding, though they differ in how unsupported options are handled. Both sections consist of zero or more key/value pairs, encoded as a pair of strings: string key string value "key" should be a UTF-8 encoded string that identifies the option being encoded. Available keys for extensions and for critical options sections are listed below, but implementations may add their own options using the domain-qualified naming convention defined in . The contents and format of "value" are specific to each option or extension. Key/value pairs MUST be ordered lexically by key name. A common pattern for flag-type options is for the value to be the empty string. For example, this is a complete extensions section that encodes a single flag value "permit-user-rc". 00000016 # Extensions section len=22 0000000e # 1st key string len=14 7065726d69742d757365722d7263 # "permit-user-rc" 00000000 # 1st value string len=0 For options whose values encode textual values, it is common for the value to contain a nested string. For example, the following is a complete critical options section that sets a string-values option "force-command" to the value "sftp". 0000001d # Criticial options len=29 0000000d # 1st key string len=13 666f7263652d636f6d6d616e64 # "force-command" 00000008 # 1st value string len=8 00000004 # value body string len=4 73667470 # "sftp" Finally, the following is an example of a critical options section that contains a flag option "foo@example.com" and a string-valued option "force-command" with a the value "sftp". 00000038 # Criticial options len=56 0000000f # 1st key string len=15 666f6f406578616d706c652e636f6d # "foo@example.com" 00000000 # 1st value string len=0 0000000d # 2nd key string len=13 666f7263652d636f6d6d616e64 # "force-command" 00000008 # 2nd value string len=8 00000004 # value body string len=4 73667470 # "sftp"

Certificate extensions Certificate extensions are encoded using the rules in . When an implementation encounters an extension it does not recognise or support, it MUST ignore it and continue processing the certificate without error. There are no defined certificate extensions for host certificates. The initially defined certificate extensions for user certificates are:

no-touch-required: Valid for key types that support user-presence assertions in their signatures (such as FIDO-backed keys). This option indicates that signatures made with this certificate that do not assert user-presence should be accepted, reversing the default behaviour of refusing such signatures. Note that no such key types are currently standardised, but some SSH implementation support them as vendor extensions. This is a flag-type option. Its value is the empty string.
permit-agent-forwarding: Indicates that sessions authenticated with this certificate may request authentication agent forwarding . Certificates that lack this extension MUST not permit this protocol feature be enabled on SSH server implementations that support it. This is a flag-type option. Its value is the empty string.
permit-port-forwarding: Indicates that sessions authenticated with this certificate may request authentication TCP forwarding using the "tcpip-forward" and/or "direct-tcpip" SSH channel requests defined in . Certificates that lack this extension MUST not permit these protocol features be enabled on SSH server implementations that support them. This is a flag-type option. Its value is the empty string.
permit-pty: Indicates that sessions authenticated with this certificate may request pseudo-terminal allocation using the "pty-req" SSH channel request defined in . Certificates that lack this extension MUST not permit this protocol feature be enabled on SSH server implementations that support it. This is a flag-type option. Its value is the empty string.
permit-user-rc: Indicates that sessions authenticated with this certificate may execute optional SSH-specific user initialisation scripts (e.g. "~/.ssh/rc"). Certificates that lack this extension MUST not process these scripts on SSH server implementations that support them. This is a flag-type option. Its value is the empty string.
permit-X11-forwarding: Indicates that sessions authenticated with this certificate may request X11 protocol forwarding using the "x11-req" SSH channel request defined in . Certificates that lack this extension MUST not permit this protocol feature be enabled on SSH server implementations that support it. This is a flag-type option. Its value is the empty string.

SSH implementations may define additional vendor extensions using the domain-qualified naming convention defined in .

Critical options Certificate critical options are encoded using the rules in . When an implementation encounters an option it does not recognise or support, it MUST refuse to accept the certificate for authorisation decisions. There are no defined critical options for host certificates. The initially defined critical options for user certificates are:

force-command: Forces the execution of the specified command for any session () of type "exec" or "shell" and overrides the subsystem name for sessions of type "subsystem". This is a string-type option. Its value contains a nested string which holds the command string.
source-address: Provides an allow-list of source addresses from which the certificate is valid. The address list consists of zero or more CIDR ranges (e.g. "192.0.2.0/29") or wildcard addresses (e.g. "192.0.2.*") separated by commas. If this option is present, servers MUST refuse connections from sources that are not listed. This is a string-type option. Its value contains a nested string which holds the allow-list.
verify-required: Valid for key types that support user verification assertions in their signatures (such as FIDO-backed keys). This option indicates that signatures made with this certificate that must require this assertion to be present in the signature and that servers MUST refuse authentication if it is absent. Note that no such key types are currently standardised, but some SSH implementation support them as vendor extensions. This is a flag-type option. Its value is the empty string.

SSH implementations may define additional vendor extensions using the domain-qualified naming convention defined in .

Private certificate format For cases where a certificate and its associated private key must be serialised, such as adding one to a SSH authentication agent , the following format is used; string key type string certificate blob byte[] private key fields Where "key type" is the type of the certificate being encoded (e.g. "ssh-rsa-cert"), "certificate blob" is the entire encoded certificate as described in and "private key fields" contain the encoded private key values as described in the following sections.

DSA certificates DSA certificates with private keys use the following encoding format. string "ssh-dss-cert" string certificate blob mpint x The "x" parameter is defined as per Section 4.1 of .

ECDSA certificates ECDSA certificates with private keys use the following encoding format. string "ecdsa-sha2-nistp256-cert" | "ecdsa-sha2-nistp384-cert" | "ecdsa-sha2-nistp521-cert" string certificate blob mpint d The "d" value is defined by Section 6.2 of .

EDDSA certificates EDDSA certificates with private keys use the following encoding format. string "ssh-ed25519-cert" | "ssh-ed448-cert" string certificate blob string k || ENC(A) The encoded value is a concatenation of the private key k and the public ENC(A) key. The contents and interpretation of the ENC(A) and k values are defined by .

RSA certificates RSA certificates with private keys use the following encoding format. string "ssh-rsa-cert" string certificate blob mpint d mpint iqmp mpint p mpint q "p" and "q" are its constituent private prime factors. "iqmp" is the inverse of "q" modulo "p". All these values except "iqmp" (which can be calculated from the others) are defined by Section 5.1 of .

Using certificates Certificates may be appear and be used any place in the SSH protocol where plain keys are used. In particular, they may be used for server authentication or for user public-key authentication. For each of these cases, the certificate, encoded as per appears in place of the encoded key.

Implementations that accept a certificate MUST verify the CA signature over the certificate contents prior to making any authentication or authorisation decisions. Implementations MAY elect to verify the certificate signature as soon as the certificate is received. When making authentication or authorisation decisions with a certificate, implementations:

MUST check that the certificate is well-formed
MUST ensure that no unsupported critical options are present
MUST check that the "certificate role" matches the intended decision type (user or host authentication)
MUST check the time against the certificate validity interval
MUST verify that at least one of the listed certificate principals is accepted
MUST perform any additional authorisation operations required by critical options.

When signatures are required, they are made and formatted using the same rules for the underlying plain key type. For example, a "ssh-rsa-cert" could produce signatures of types "ssh-rsa" using the rules from , or "rsa-sha2-256" or "rsa-sha2-512" using the rules from .

Certificate host keys may be used for server authentication as part of the initial key exchange or for subsequent re-exchange. To use a certificate host key, its key type name (e.g. "ssh-ed25519-cert") must appear in the server_host_key_algorithms of the SSH_MSG_KEXINIT (). If negotiated by both the server and the client, then a certificate of the agreed type may take the place of the plain host key in the final reply message. For example in ECDH host authentication (), host authentication occurs in the final SSH_MSG_KEX_ECDH_REPLY message: byte SSH_MSG_KEX_ECDH_REPLY string K_S, server's certificate string Q_S, server's ephemeral ECDH public key string the signature on the exchange hash Certificates used for host authentication MUST have "certificate role" of SSH2_CERT_TYPE_HOST. Other certificate types MUST NOT be accepted. Certificate host keys list hostnames and/or IP addresses for the host in their "principals" section. Clients MUST match the hostname or address thay are using for the host against the principals in this list and refuse to authorise the certificate if it is absent. Clients that accept certified host keys MAY downgrade the certificate to a plain public key and process it accordingly, if they are unable to verify the certificate. This allows recovery from the situation where the endpoints negotiate use of a cerificate host key but the client is not able to authorise the certificate contents, perhaps because the CA is not trusted or because the host name the client is using does not match any in the certificate.

For user public key authentication No prior negotiation is needed to send a user authentication attempt that contains a certificate, though clients may wish to filter the ones they send against the server's list of accepted publickey authentication signature algorithms if one was provided via the SSH_MSG_EXT_INFO mechanism. Certificates used for user authentication MUST have "certificate role" of SSH2_CERT_TYPE_USER. Other certificate types MUST not be accepted. Certificate keys for user authentication list one or more user principal names in their "principals" section. Interpretation and authorisation of principal names for a given target user name is fully determined by the server. In the trivial case, a certificate may list user names directly and the server merely matches the user name in the SSH_MSG_USERAUTH_REQUEST () to one of the principals in the certificate. To make a user authentication attempt using a certificate user key, the certificate takes the place of the plain public key in a SSH_MSG_USERAUTH_REQUEST message. For example: byte SSH_MSG_USERAUTH_REQUEST string user name string service name string "publickey" boolean TRUE string certificate key algorithm name string encoded certificate string signature

Protocol numbers

The following numbers are used for certificate types: SSH2_CERT_TYPE_USER 1 SSH2_CERT_TYPE_HOST 2

IANA Considerations This format requires creation of one new registry and additions to an existing registry.

IANA is requested to insert the following entries into the table Public Key Algorithm Names under Secure Shell (SSH) Protocol Parameters registry group .

Key type name	Reference
ssh-dss-cert
ecdsa-sha2-nistp256-cert
ecdsa-sha2-nistp384-cert
ecdsa-sha2-nistp521-cert
ssh-ed25519-cert
ssh-ed448-cert
ssh-rsa-cert
rsa-sha2-256-cert
rsa-sha2-512-cert

This registry, titled "Certificate Extension Identifiers" records identifiers for certificate extensions. It should be created in the Secure Shell (SSH) Protocol Parameters registry group . Its initial state should consist of the following names. Future name allocations shall occur via EXPERT REVIEW as per .

Extension name	Reference
no-touch-required
permit-agent-forwarding
permit-port-forwarding
permit-pty
permit-user-rc
permit-X11-forwarding

This registry, titled "Certificate Critical Option Identifiers" records identifiers for certificate critical options. It should be created in the Secure Shell (SSH) Protocol Parameters registry group . Its initial state should consist of the following names. Future names allocations shall occur via EXPERT REVIEW as per .

Option name	Reference
force-command
source-address
verify-required

This registry, titled "Certificate Type Numbers" records the numbers used to indicate the types of certificates. It should be created in the Secure Shell (SSH) Protocol Parameters registry group . Its initial state should consist of the following numbers. Future message number allocations shall occur via EXPERT REVIEW as per .

Number	Identifier	Reference
1	SSH2_CERT_TYPE_USER
2	SSH2_CERT_TYPE_HOST

Security Considerations The security of any public key certificate system depends ultimately on the certification authority (CA). If the certification authority can be pursuaded by an attacker to sign certificates that are not intended, or if the private key material for the CA is leaked to an attacker, then the attacker gains the ability to create improper certificates that will be accepted by all endpoints that trust the CA. Specifying the exact process by which certificates are issued and the operational requirements of running a CA is beyond the scope of this document, but certification authorities MUST ensure that signing requests are authentic and that they are authorised by the CA's policy. Similarly, CAs MUST protect their private key material against theft, accidental disclosure or leakage. Such protection may be afforded by isolating the CA private key in a separate signing service, storing it in a hardware token or security module and/or by keeping it offline except when it is explicitly needed. Certification authorities MUST select their signing key algorithm and strength to be sufficiently secure for the expected operational life of the signing key. For completeness, this document specifies certificate formats that are peers for all currently-specified SSH key and signature types, but not all SSH key and signature types are currently recommended for use. Specifically, the DSA key type (and associated certificate format) SHOULD NOT be used as the algorithm, as instantiated in SSH, is unacceptable weak as it uses a fixed 1024 bit key length, which is insufficient, and requires the use of SHA1, which is known to be broken, as a signature hash. Similarly the original "ssh-rsa" signature type also uses SHA1 as a signature hash and so SHOULD NOT be used. SSH clients, servers and other tools processing SSH certificates SHOULD implement allowlists of accepted key and signature types and SHOULD by default disallow the ssh-dss-cert certificate type and certificate signatures made using the ssh-rsa signature algorithm. This specification does not define a revocation mechanism for certificates that should no longer be accepted, for example if their private key material is known to have been compromised or if it is no longer desirable to accept the principal they identify for policy or operational reasons. Implementations that accept SSH certificates SHOULD have some mechanism to disallow individual certificates that are no longer acceptable despite their being otherwise valid. In its simplest form, this mechanism could be a simple list of certificate serial numbers to disallow, or an explicit list of certificates, encoded as serialised public keys using or another public key encoding. This document does not specify how SSH clients or servers come to trust CA keys. It is RECOMMENDED that implementations define a clear mechanism to define trust of a CA public key and its desired scope. For example, a SSH client SHOULD allow trusting a CA key for only a defined set of domain names such as subdomains of an organisation's TLD. Any limits that a client or server places on the scope of a trusted CA key MUST compose sensibly and safely with restrictions specified within certificates issued from that CA. For example, if a SSH server supports trusting a CA key but selectively disallows SSH TCP/IP port forwarding (), then the "permit-port-forwarding" critical option would not be expected to re-enable it.

Implementation Status This section records the status of known implementations of the protocol defined by this specification at the time of posting of this Internet-Draft, and is based on a proposal described in . The description of implementations in this section is intended to assist the IETF in its decision processes in progressing drafts to RFCs. Please note that the listing of any individual implementation here does not imply endorsement by the IETF. Furthermore, no effort has been spent to verify the information presented here that was supplied by IETF contributors. This is not intended as, and must not be construed to be, a catalog of available implementations or their features. Readers are advised to note that other implementations may exist. According to , "this will allow reviewers and working groups to assign due consideration to documents that have the benefit of running code, which may serve as evidence of valuable experimentation and feedback that have made the implemented protocols more mature. It is up to the individual working groups to use this information as they see fit". The following example projects maintain implementations of SSH certificates. All have implemented them in the vendor extension namespace, e.g. "ssh-rsa-cert-v01@openssh.com".

OpenSSH: OpenSSH is the originating implementation of this protocol and has supported it since 2010. Website: https://www.openssh.com/
libssh: libssh has supported this format since 2011. Website: https://www.libssh.org/
Golang x/crypto/ssh: The Go programming language project has supported an implementation of this format in its external "x" repository since 2012. Website: https://pkg.go.dev/golang.org/x/crypto/ssh
Net::SSH: The Net::SSH library has supported this format since 2014. Website: https://net-ssh.github.io/net-ssh/
AsyncSSH: The AsyncSSH library has supported this format since 2015. Website: https://github.com/ronf/asyncssh
Paramiko: The Paramiko library has supported this format since 2017 Website: https://www.paramiko.org/
Apache MINA SSHD: The Apache MINA SSHD server library has supported this format since 2020. Website: https://mina.apache.org/sshd-project/
PuTTY: The PuTTY SSH client has supported this format since 2022. Website: https://www.chiark.greenend.org.uk/~sgtatham/putty/
russh: The russh library has supported this format since 2024. Website: https://github.com/Eugeny/russh

Additionally, Google's HIBA system builds on top of the OpenSSH certificate format to perform centralised authorisation for pool of target hosts.

References Normative References Digital Signature Standard (DSS) National Institute of Standards and Technology FIPS PUB 186-4 Digital Signature Standard (DSS) National Institute of Standards and Technology FIPS PUB 186-5 Informative References Public Key Algorithm Names IANA HIBA: Host Identity Based Authorization Google

Acknowledgements Jeremy Norris and Yiyue Wang offered valuable feedback on this document.

Annotated example This is an example of a hex-encoded certificate for an ecdsa-sha2-nistp256-cert public key, signed by a ssh-ed25519 certificate authority. 0000: 0000 0018 6563 6473 612d 7368 6132 2d6e ....ecdsa-sha2-n 0010: 6973 7470 3235 362d 6365 7274 0000 0020 istp256-cert... 0020: 7ee0 cb87 8240 788b 087e 0a23 f505 1828 ~....@x..~.#...( 0030: 98e1 510f b3a2 fcf6 4086 30f6 25b1 aa19 ..Q.....@.0.%... 0040: 0000 0008 6e69 7374 7032 3536 0000 0041 ....nistp256...A 0050: 04a5 7c7c 0829 b7ee 3473 1383 52b8 afc1 ..||.)..4s..R... 0060: 673c 7145 29de 5f0f a699 4f08 6f58 8f96 g<qE)._...O.oX.. 0070: c9ad 70d3 0b20 a4e9 3558 ffd3 f85d ddfa ..p.. ..5X...].. 0080: 313d 294b 2b9f 2862 dd2b 5831 3688 065c 1=)K+.(b.+X16..\ 0090: 52ab 54a9 8ceb 1f0a d200 0000 0100 0000 R.T............. 00a0: 136a 6f73 6566 2e6b 4065 7861 6d70 6c65 .josef.k@example 00b0: 2e6f 7267 0000 001e 0000 0007 6a6f 7365 .org........jose 00c0: 662e 6b00 0000 0f45 5841 4d50 4c45 5c6a f.k....EXAMPLE\j 00d0: 6f73 6566 2e6b 0000 0000 4d4a 2972 0000 osef.k....MJ)r.. 00e0: 0000 82e9 0790 0000 0020 0000 000d 666f ......... ....fo 00f0: 7263 652d 636f 6d6d 616e 6400 0000 0b00 rce-command..... 0100: 0000 0765 7865 6375 7465 0000 0082 0000 ...execute...... 0110: 0015 7065 726d 6974 2d58 3131 2d66 6f72 ..permit-X11-for 0120: 7761 7264 696e 6700 0000 0000 0000 1770 warding........p 0130: 6572 6d69 742d 6167 656e 742d 666f 7277 ermit-agent-forw 0140: 6172 6469 6e67 0000 0000 0000 0016 7065 arding........pe 0150: 726d 6974 2d70 6f72 742d 666f 7277 6172 rmit-port-forwar 0160: 6469 6e67 0000 0000 0000 000a 7065 726d ding........perm 0170: 6974 2d70 7479 0000 0000 0000 000e 7065 it-pty........pe 0180: 726d 6974 2d75 7365 722d 7263 0000 0000 rmit-user-rc.... 0190: 0000 0000 0000 0033 0000 000b 7373 682d .......3....ssh- 01a0: 6564 3235 3531 3900 0000 20d5 258d f8cb ed25519... .%... 01b0: 1bda 81d7 9a2f 6b4d 1304 d497 0add 67eb ...../kM......g. 01c0: 04b9 d5de 47d9 cc0c d5ff 5000 0000 5300 ....G.....P...S. 01d0: 0000 0b73 7368 2d65 6432 3535 3139 0000 ...ssh-ed25519.. 01e0: 0040 5864 29cc 18fd 8b1d 19f3 210e c11e .@Xd).......!... 01f0: 43a9 bde1 90e6 0505 8733 d333 e806 5381 C........3.3..S. 0200: 81b4 d847 6efa 3889 6706 30ea 8117 f2e5 ...Gn.8.g.0..... 0210: 25c4 6e6e 2378 5e27 1c25 7653 3af5 ca9f %.nn#x^'.%vS:... 0220: 0b05 0a This is an annotated version of the above certificate. Note that all offsets are inclusive, e.g. "0010-0013" refers to a four-byte sequence. # 0000-001b: 0018 6563 6473 ... 7274 string key type name "ecdsa-sha2-nistp256-cert" # 001c-003f: 0020 7ee0 cb87 ... aa19 string nonce # 0040-004b: 0008 6e69 7374 7032 3536 string ECDSA curve name "nistp256" # 004c-0090: 0000 0041 04a5 7c7c ... 5c52 string ECDSA Q point # 0091-0098: ab54 a98c eb1f 0ad2 (12345678901234567890) uint64 serial number # 0099-009c: 0000 0001 (SSH2_CERT_TYPE_USER) uint32 certificate role # 009d-00b3: 0000 0013 6a6f ... 7267 string identifier "josef.k@example.org" # 00b4-00d5: 0000 001e 0000 0007 ... 0790 string principals # 00b8-00c2: 0000 0007 6a6f 7365 662e 6b string principal[0] = "josef.k" # 00c3-00d5: 000f 4558 414d 504c 455c 6a6f 7365 662e 6b string principal[1] = "EXAMPLE\josef.k" # 00d6-00dd: 0000 0000 4d4a 2972 uint64 valid after = 2011/02/03T04:05:06 UTC # 00de-00e5: 0000 0000 82e9 0790 uint64 valid before = 2039/08/07T06:05:04 UTC # 00e6-0109: 0020 0000 000d ... 7465 string critical options # 00ea-00fa: 0000 000d 666f 7263 652d 636f 6d6d 616e 64 string key[0] = "force-command" # 00fb-0109: 0000 000b 0000 0007 6578 6563 7574 65 string value[0] # 00ff-0109: 0000 0007 6578 6563 7574 65 string "execute" # 010a-0190: 0000 0082 0000 0015 ... 7263 string extensions # 010e-0126: 0000 0015 7065 ... 6e67 string key[0] = "permit-X11-forwarding" # 0127-012a: 0000 0000 string value[0] = (empty) # 012b-0145: 0000 0017 7065 726d ... 6e67 string key[1] = "permit-agent-forwarding" # 0146-0149: 0000 0000 string value[1] = (empty) # 014a-0163 0000 0016 7065 ... 6e67 string key[2] = "permit-port-forwarding" # 0164-0167: 0000 0000 string value[2] = (empty) # 0168-0175: 0000 000a 7065 726d 6974 2d70 7479 string key[3] = "permit-pty" # 0176-0179: 0000 0000 string value[3] = (empty) # 017a-018b: 0000 000e 7065 726d 6974 2d75 7365 722d 7263 string key[4] = "permit-user-rc" # 018c-018f: 0000 0000 string value[4] = (empty) # 0190-0193: 0000 0000 string reserved = (empty) # 0194-01ca: 0000 0033 0000 000b ... ff50 string signature key (ssh-ed25519) # 01cb-0222: 0000 0053 0000 000b ... 050a string signature (ssh-ed25519)

Example certificates This section contains non-annotated example certificates for several different signature algorithms, with both the public and private encodings included. All certificates in this section are self-signed and have identical certificate fields. In all cases, the validity interval is 2020-01-01T00:00:00Z to 2050-12-31T23:59:59Z. On each line, the first four characters before the colon represent a hexadecimal offset from the start of the certificate. This is followed by up to sixteen bytes of data, also encoded as hexadecimal. Only the final line of data may have fewer than sixteen characters present. Finally at the end of the line is an ASCII rendering of that line's data, with non-printable characters replaced by '.'.

Example ssh-ed25519-cert Public certificate ..=d.... 0050: f8e7 74d1 4044 bc5d 8be8 eec5 0000 0000 ..t.@D.]........ 0060: 075b cd15 0000 0001 0000 0006 6772 6567 .[..........greg 0070: 6f72 0000 0019 0000 0006 6772 6567 6f72 or........gregor 0080: 0000 000b 6772 6567 6f72 7361 6d73 6100 ....gregorsamsa. 0090: 0000 005e 0be1 0000 0000 0098 5b1c df00 ...^........[... 00a0: 0000 4b00 0000 0d66 6f72 6365 2d63 6f6d ..K....force-com 00b0: 6d61 6e64 0000 000d 0000 0009 2f62 696e mand......../bin 00c0: 2f74 7275 6500 0000 0e73 6f75 7263 652d /true....source- 00d0: 6164 6472 6573 7300 0000 1300 0000 0f31 address........1 00e0: 3237 2e30 2e30 2e30 2f38 2c3a 3a31 0000 27.0.0.0/8,::1.. 00f0: 0082 0000 0015 7065 726d 6974 2d58 3131 ......permit-X11 0100: 2d66 6f72 7761 7264 696e 6700 0000 0000 -forwarding..... 0110: 0000 1770 6572 6d69 742d 6167 656e 742d ...permit-agent- 0120: 666f 7277 6172 6469 6e67 0000 0000 0000 forwarding...... 0130: 0016 7065 726d 6974 2d70 6f72 742d 666f ..permit-port-fo 0140: 7277 6172 6469 6e67 0000 0000 0000 000a rwarding........ 0150: 7065 726d 6974 2d70 7479 0000 0000 0000 permit-pty...... 0160: 000e 7065 726d 6974 2d75 7365 722d 7263 ..permit-user-rc 0170: 0000 0000 0000 0000 0000 0033 0000 000b ...........3.... 0180: 7373 682d 6564 3235 3531 3900 0000 2044 ssh-ed25519... D 0190: 7c22 f946 0fd9 5a5e b8da 3ebe fc3d 6414 |".F..Z^..>..=d. 01a0: ca0e 1af8 e774 d140 44bc 5d8b e8ee c500 .....t.@D.]..... 01b0: 0000 5300 0000 0b73 7368 2d65 6432 3535 ..S....ssh-ed255 01c0: 3139 0000 0040 3131 1578 758b b5d8 64d5 19...@11.xu...d. 01d0: 5aad cd95 8d06 a7af eb87 6233 954c 4045 Z.........b3.L@E 01e0: 28c6 2b32 7bcf 5a9d 9193 6a9a f42b 74e1 (.+2{.Z...j..+t. 01f0: 7e37 0d4b 826e 7572 2e20 24c4 416a 7f0d ~7.K.nur. $.Aj.. 0200: 2df8 fff2 9e03 0a -...... ]]> Private certificate 0060: befc 3d64 14ca 0e1a f8e7 74d1 4044 bc5d ..=d......t.@D.] 0070: 8be8 eec5 0000 0000 075b cd15 0000 0001 .........[...... 0080: 0000 0006 6772 6567 6f72 0000 0019 0000 ....gregor...... 0090: 0006 6772 6567 6f72 0000 000b 6772 6567 ..gregor....greg 00a0: 6f72 7361 6d73 6100 0000 005e 0be1 0000 orsamsa....^.... 00b0: 0000 0098 5b1c df00 0000 4b00 0000 0d66 ....[.....K....f 00c0: 6f72 6365 2d63 6f6d 6d61 6e64 0000 000d orce-command.... 00d0: 0000 0009 2f62 696e 2f74 7275 6500 0000 ..../bin/true... 00e0: 0e73 6f75 7263 652d 6164 6472 6573 7300 .source-address. 00f0: 0000 1300 0000 0f31 3237 2e30 2e30 2e30 .......127.0.0.0 0100: 2f38 2c3a 3a31 0000 0082 0000 0015 7065 /8,::1........pe 0110: 726d 6974 2d58 3131 2d66 6f72 7761 7264 rmit-X11-forward 0120: 696e 6700 0000 0000 0000 1770 6572 6d69 ing........permi 0130: 742d 6167 656e 742d 666f 7277 6172 6469 t-agent-forwardi 0140: 6e67 0000 0000 0000 0016 7065 726d 6974 ng........permit 0150: 2d70 6f72 742d 666f 7277 6172 6469 6e67 -port-forwarding 0160: 0000 0000 0000 000a 7065 726d 6974 2d70 ........permit-p 0170: 7479 0000 0000 0000 000e 7065 726d 6974 ty........permit 0180: 2d75 7365 722d 7263 0000 0000 0000 0000 -user-rc........ 0190: 0000 0033 0000 000b 7373 682d 6564 3235 ...3....ssh-ed25 01a0: 3531 3900 0000 2044 7c22 f946 0fd9 5a5e 519... D|".F..Z^ 01b0: b8da 3ebe fc3d 6414 ca0e 1af8 e774 d140 ..>..=d......t.@ 01c0: 44bc 5d8b e8ee c500 0000 5300 0000 0b73 D.].......S....s 01d0: 7368 2d65 6432 3535 3139 0000 0040 3131 sh-ed25519...@11 01e0: 1578 758b b5d8 64d5 5aad cd95 8d06 a7af .xu...d.Z....... 01f0: eb87 6233 954c 4045 28c6 2b32 7bcf 5a9d ..b3.L@E(.+2{.Z. 0200: 9193 6a9a f42b 74e1 7e37 0d4b 826e 7572 ..j..+t.~7.K.nur 0210: 2e20 24c4 416a 7f0d 2df8 fff2 9e03 0000 . $.Aj..-....... 0220: 0020 447c 22f9 460f d95a 5eb8 da3e befc . D|".F..Z^..>.. 0230: 3d64 14ca 0e1a f8e7 74d1 4044 bc5d 8be8 =d......t.@D.].. 0240: eec5 0000 0040 341a d7c1 b87f 3eb5 2eb5 .....@4.....>... 0250: dd8c 4b23 5dc9 b67b 7fe4 8505 3704 6c3d ..K#]..{....7.l= 0260: c191 ba63 3133 447c 22f9 460f d95a 5eb8 ...c13D|".F..Z^. 0270: da3e befc 3d64 14ca 0e1a f8e7 74d1 4044 .>..=d......t.@D 0280: bc5d 8be8 eec5 .].... ]]>

Example ssh-rsa-cert U.............. 0040: b2e1 917d 6ee9 3029 4f41 9736 3bf5 1869 ...}n.0)OA.6;..i 0050: d6ee 1a8a ee8a a0ef 6405 5fb9 42fa 255e ........d._.B.%^ 0060: 99f7 6982 b0ba ca6c e787 a943 2a39 3827 ..i....l...C*98' 0070: d49f c7dd 4897 9522 c7f1 b2d6 cd50 3bb6 ....H..".....P;. 0080: 6930 8c9f 82e2 a6e9 6816 0315 f0f4 e002 i0......h....... 0090: c832 4981 5f3c 05c4 842f 770e 08dc 132b .2I._<.../w....+ 00a0: 312f acf9 a24f 2ab8 f7b5 bf83 6f95 5b83 1/...O*.....o.[. 00b0: 21eb e291 c323 a07d dbb0 96dd d0cf 7bf7 !....#.}......{. 00c0: 1652 3a4e 9f6d bd35 054e 4630 b73a 3be6 .R:N.m.5.NF0.:;. 00d0: 1f4d 420f b498 883e b76f 4254 ab37 33f0 .MB....>.oBT.73. 00e0: 7a89 99c2 1155 8ae1 a6e0 54e1 096b cb96 z....U....T..k.. 00f0: b368 c956 45f4 b08d f1eb ac62 ced4 4b51 .h.VE......b..KQ 0100: 24e2 2ecd 14cb 8805 3132 9c8e 2800 276a $.......12..(.'j 0110: 4f2c f9bb 0847 11c0 301f fc88 d830 3c15 O,...G..0....0<. 0120: 360f f407 d893 5310 b37e 9838 79a8 8fbe 6.....S..~.8y... 0130: fc31 7b39 a13a 0195 0e21 6678 23cf ad14 .1{9.:...!fx#... 0140: be25 31c8 f2a6 108c 3d92 cf69 0c2e af2a .%1.....=..i...* 0150: b673 ca4d 18a2 078b e726 cf41 02b3 0656 .s.M.....&.A...V 0160: fb7f aba4 6a30 7c6f ede0 5771 7afa 2206 ....j0|o..Wqz.". 0170: 9a1d 95c1 4c94 d496 a7c8 3722 bd0f 28e5 ....L.....7"..(. 0180: 244e b2c6 5307 0ec3 86a5 d0f0 26b1 b079 $N..S.......&..y 0190: 8732 c733 3966 fd10 c932 1502 3527 a779 .2.39f...2..5'.y 01a0: 26e6 5cbf ea0c 86bb 535b 8bc7 4330 7517 &.\.....S[..C0u. 01b0: fc7f 3506 2062 70d4 4598 ca7e 3777 8f13 ..5. bp.E..~7w.. 01c0: 0000 0000 075b cd15 0000 0001 0000 0006 .....[.......... 01d0: 6772 6567 6f72 0000 0019 0000 0006 6772 gregor........gr 01e0: 6567 6f72 0000 000b 6772 6567 6f72 7361 egor....gregorsa 01f0: 6d73 6100 0000 005e 0be1 0000 0000 0098 msa....^........ 0200: 5b1c df00 0000 4b00 0000 0d66 6f72 6365 [.....K....force 0210: 2d63 6f6d 6d61 6e64 0000 000d 0000 0009 -command........ 0220: 2f62 696e 2f74 7275 6500 0000 0e73 6f75 /bin/true....sou 0230: 7263 652d 6164 6472 6573 7300 0000 1300 rce-address..... 0240: 0000 0f31 3237 2e30 2e30 2e30 2f38 2c3a ...127.0.0.0/8,: 0250: 3a31 0000 0082 0000 0015 7065 726d 6974 :1........permit 0260: 2d58 3131 2d66 6f72 7761 7264 696e 6700 -X11-forwarding. 0270: 0000 0000 0000 1770 6572 6d69 742d 6167 .......permit-ag 0280: 656e 742d 666f 7277 6172 6469 6e67 0000 ent-forwarding.. 0290: 0000 0000 0016 7065 726d 6974 2d70 6f72 ......permit-por 02a0: 742d 666f 7277 6172 6469 6e67 0000 0000 t-forwarding.... 02b0: 0000 000a 7065 726d 6974 2d70 7479 0000 ....permit-pty.. 02c0: 0000 0000 000e 7065 726d 6974 2d75 7365 ......permit-use 02d0: 722d 7263 0000 0000 0000 0000 0000 0197 r-rc............ 02e0: 0000 0007 7373 682d 7273 6100 0000 0301 ....ssh-rsa..... 02f0: 0001 0000 0181 00b2 e191 7d6e e930 294f ..........}n.0)O 0300: 4197 363b f518 69d6 ee1a 8aee 8aa0 ef64 A.6;..i........d 0310: 055f b942 fa25 5e99 f769 82b0 baca 6ce7 ._.B.%^..i....l. 0320: 87a9 432a 3938 27d4 9fc7 dd48 9795 22c7 ..C*98'....H..". 0330: f1b2 d6cd 503b b669 308c 9f82 e2a6 e968 ....P;.i0......h 0340: 1603 15f0 f4e0 02c8 3249 815f 3c05 c484 ........2I._<... 0350: 2f77 0e08 dc13 2b31 2fac f9a2 4f2a b8f7 /w....+1/...O*.. 0360: b5bf 836f 955b 8321 ebe2 91c3 23a0 7ddb ...o.[.!....#.}. 0370: b096 ddd0 cf7b f716 523a 4e9f 6dbd 3505 .....{..R:N.m.5. 0380: 4e46 30b7 3a3b e61f 4d42 0fb4 9888 3eb7 NF0.:;..MB....>. 0390: 6f42 54ab 3733 f07a 8999 c211 558a e1a6 oBT.73.z....U... 03a0: e054 e109 6bcb 96b3 68c9 5645 f4b0 8df1 .T..k...h.VE.... 03b0: ebac 62ce d44b 5124 e22e cd14 cb88 0531 ..b..KQ$.......1 03c0: 329c 8e28 0027 6a4f 2cf9 bb08 4711 c030 2..(.'jO,...G..0 03d0: 1ffc 88d8 303c 1536 0ff4 07d8 9353 10b3 ....0<.6.....S.. 03e0: 7e98 3879 a88f befc 317b 39a1 3a01 950e ~.8y....1{9.:... 03f0: 2166 7823 cfad 14be 2531 c8f2 a610 8c3d !fx#....%1.....= 0400: 92cf 690c 2eaf 2ab6 73ca 4d18 a207 8be7 ..i...*.s.M..... 0410: 26cf 4102 b306 56fb 7fab a46a 307c 6fed &.A...V....j0|o. 0420: e057 717a fa22 069a 1d95 c14c 94d4 96a7 .Wqz.".....L.... 0430: c837 22bd 0f28 e524 4eb2 c653 070e c386 .7"..(.$N..S.... 0440: a5d0 f026 b1b0 7987 32c7 3339 66fd 10c9 ...&..y.2.39f... 0450: 3215 0235 27a7 7926 e65c bfea 0c86 bb53 2..5'.y&.\.....S 0460: 5b8b c743 3075 17fc 7f35 0620 6270 d445 [..C0u...5. bp.E 0470: 98ca 7e37 778f 1300 0001 9400 0000 0c72 ..~7w..........r 0480: 7361 2d73 6861 322d 3531 3200 0001 8032 sa-sha2-512....2 0490: 472d 6129 fbbb ecac 4199 4bb1 1fc7 b140 G-a)....A.K....@ 04a0: d857 2214 b4dc 1e5e 8712 0d43 d176 4647 .W"....^...C.vFG 04b0: 137a 58f5 c4ec c12c 6c94 615e c9fe 0fbc .zX....,l.a^.... 04c0: 895f a618 2076 486b e421 24e2 eafb a186 ._.. vHk.!$..... 04d0: d729 4052 47d5 c858 17a7 0292 83dc 27e4 .)@RG..X......'. 04e0: b310 5220 611d 04e0 4bab 0591 3fb6 fc5d ..R a...K...?..] 04f0: 3b7d acf4 f32b a1d4 b16a bae3 0316 27e7 ;}...+...j....'. 0500: 5fb0 34ed 608f a1c0 dc31 d253 7807 5c08 _.4.`....1.Sx.\. 0510: 2806 b412 6265 ec78 51c7 473c 7d77 e4c1 (...be.xQ.G<}w.. 0520: db8b 4876 d0d5 f479 e721 63d6 cfde 754b ..Hv...y.!c...uK 0530: 1f59 7db1 5dbc d281 5ca5 dac7 4ab5 3dc3 .Y}.]...\...J.=. 0540: 3cef 211c 1b15 be36 442b cf29 e906 cbc2 <.!....6D+.).... 0550: 0c84 040b 1b9d 4b22 dca8 fd88 2e42 5089 ......K".....BP. 0560: 9606 158f a499 a057 948e e49a f612 b3fb .......W........ 0570: 3490 71b7 cfa9 f8c2 9bc4 c596 8466 4776 4.q..........fGv 0580: c265 47dc 43d7 4741 1fb3 2231 21e6 e5c7 .eG.C.GA.."1!... 0590: 92c8 f637 d1c0 2c53 0d04 0281 8593 26ad ...7..,S......&. 05a0: c004 4f40 ee2a efef fdba 1b60 dfe9 187f ..O@.*.....`.... 05b0: 55e7 829d 4a6b e97b 94ae fe3d 8518 36ea U...Jk.{...=..6. 05c0: d829 1665 af4a 2f52 03be 78de 8cf7 9861 .).e.J/R..x....a 05d0: 83ac 1347 2ab6 2ec4 5e2b f103 16f5 bc4d ...G*...^+.....M 05e0: 1ba4 9e5d 14d4 ed5a 0e78 e76a 1e55 8d3c ...]...Z.x.j.U.< 05f0: 58fc 4b01 726f 1a8e 56dd 86d4 16a7 fcea X.K.ro..V....... 0600: 9d0f 009f 5b30 2719 cf83 4334 7045 c10a ....[0'...C4pE.. ]]> Private certificate U.......... 0050: 0001 8100 b2e1 917d 6ee9 3029 4f41 9736 .......}n.0)OA.6 0060: 3bf5 1869 d6ee 1a8a ee8a a0ef 6405 5fb9 ;..i........d._. 0070: 42fa 255e 99f7 6982 b0ba ca6c e787 a943 B.%^..i....l...C 0080: 2a39 3827 d49f c7dd 4897 9522 c7f1 b2d6 *98'....H..".... 0090: cd50 3bb6 6930 8c9f 82e2 a6e9 6816 0315 .P;.i0......h... 00a0: f0f4 e002 c832 4981 5f3c 05c4 842f 770e .....2I._<.../w. 00b0: 08dc 132b 312f acf9 a24f 2ab8 f7b5 bf83 ...+1/...O*..... 00c0: 6f95 5b83 21eb e291 c323 a07d dbb0 96dd o.[.!....#.}.... 00d0: d0cf 7bf7 1652 3a4e 9f6d bd35 054e 4630 ..{..R:N.m.5.NF0 00e0: b73a 3be6 1f4d 420f b498 883e b76f 4254 .:;..MB....>.oBT 00f0: ab37 33f0 7a89 99c2 1155 8ae1 a6e0 54e1 .73.z....U....T. 0100: 096b cb96 b368 c956 45f4 b08d f1eb ac62 .k...h.VE......b 0110: ced4 4b51 24e2 2ecd 14cb 8805 3132 9c8e ..KQ$.......12.. 0120: 2800 276a 4f2c f9bb 0847 11c0 301f fc88 (.'jO,...G..0... 0130: d830 3c15 360f f407 d893 5310 b37e 9838 .0<.6.....S..~.8 0140: 79a8 8fbe fc31 7b39 a13a 0195 0e21 6678 y....1{9.:...!fx 0150: 23cf ad14 be25 31c8 f2a6 108c 3d92 cf69 #....%1.....=..i 0160: 0c2e af2a b673 ca4d 18a2 078b e726 cf41 ...*.s.M.....&.A 0170: 02b3 0656 fb7f aba4 6a30 7c6f ede0 5771 ...V....j0|o..Wq 0180: 7afa 2206 9a1d 95c1 4c94 d496 a7c8 3722 z.".....L.....7" 0190: bd0f 28e5 244e b2c6 5307 0ec3 86a5 d0f0 ..(.$N..S....... 01a0: 26b1 b079 8732 c733 3966 fd10 c932 1502 &..y.2.39f...2.. 01b0: 3527 a779 26e6 5cbf ea0c 86bb 535b 8bc7 5'.y&.\.....S[.. 01c0: 4330 7517 fc7f 3506 2062 70d4 4598 ca7e C0u...5. bp.E..~ 01d0: 3777 8f13 0000 0000 075b cd15 0000 0001 7w.......[...... 01e0: 0000 0006 6772 6567 6f72 0000 0019 0000 ....gregor...... 01f0: 0006 6772 6567 6f72 0000 000b 6772 6567 ..gregor....greg 0200: 6f72 7361 6d73 6100 0000 005e 0be1 0000 orsamsa....^.... 0210: 0000 0098 5b1c df00 0000 4b00 0000 0d66 ....[.....K....f 0220: 6f72 6365 2d63 6f6d 6d61 6e64 0000 000d orce-command.... 0230: 0000 0009 2f62 696e 2f74 7275 6500 0000 ..../bin/true... 0240: 0e73 6f75 7263 652d 6164 6472 6573 7300 .source-address. 0250: 0000 1300 0000 0f31 3237 2e30 2e30 2e30 .......127.0.0.0 0260: 2f38 2c3a 3a31 0000 0082 0000 0015 7065 /8,::1........pe 0270: 726d 6974 2d58 3131 2d66 6f72 7761 7264 rmit-X11-forward 0280: 696e 6700 0000 0000 0000 1770 6572 6d69 ing........permi 0290: 742d 6167 656e 742d 666f 7277 6172 6469 t-agent-forwardi 02a0: 6e67 0000 0000 0000 0016 7065 726d 6974 ng........permit 02b0: 2d70 6f72 742d 666f 7277 6172 6469 6e67 -port-forwarding 02c0: 0000 0000 0000 000a 7065 726d 6974 2d70 ........permit-p 02d0: 7479 0000 0000 0000 000e 7065 726d 6974 ty........permit 02e0: 2d75 7365 722d 7263 0000 0000 0000 0000 -user-rc........ 02f0: 0000 0197 0000 0007 7373 682d 7273 6100 ........ssh-rsa. 0300: 0000 0301 0001 0000 0181 00b2 e191 7d6e ..............}n 0310: e930 294f 4197 363b f518 69d6 ee1a 8aee .0)OA.6;..i..... 0320: 8aa0 ef64 055f b942 fa25 5e99 f769 82b0 ...d._.B.%^..i.. 0330: baca 6ce7 87a9 432a 3938 27d4 9fc7 dd48 ..l...C*98'....H 0340: 9795 22c7 f1b2 d6cd 503b b669 308c 9f82 ..".....P;.i0... 0350: e2a6 e968 1603 15f0 f4e0 02c8 3249 815f ...h........2I._ 0360: 3c05 c484 2f77 0e08 dc13 2b31 2fac f9a2 <.../w....+1/... 0370: 4f2a b8f7 b5bf 836f 955b 8321 ebe2 91c3 O*.....o.[.!.... 0380: 23a0 7ddb b096 ddd0 cf7b f716 523a 4e9f #.}......{..R:N. 0390: 6dbd 3505 4e46 30b7 3a3b e61f 4d42 0fb4 m.5.NF0.:;..MB.. 03a0: 9888 3eb7 6f42 54ab 3733 f07a 8999 c211 ..>.oBT.73.z.... 03b0: 558a e1a6 e054 e109 6bcb 96b3 68c9 5645 U....T..k...h.VE 03c0: f4b0 8df1 ebac 62ce d44b 5124 e22e cd14 ......b..KQ$.... 03d0: cb88 0531 329c 8e28 0027 6a4f 2cf9 bb08 ...12..(.'jO,... 03e0: 4711 c030 1ffc 88d8 303c 1536 0ff4 07d8 G..0....0<.6.... 03f0: 9353 10b3 7e98 3879 a88f befc 317b 39a1 .S..~.8y....1{9. 0400: 3a01 950e 2166 7823 cfad 14be 2531 c8f2 :...!fx#....%1.. 0410: a610 8c3d 92cf 690c 2eaf 2ab6 73ca 4d18 ...=..i...*.s.M. 0420: a207 8be7 26cf 4102 b306 56fb 7fab a46a ....&.A...V....j 0430: 307c 6fed e057 717a fa22 069a 1d95 c14c 0|o..Wqz.".....L 0440: 94d4 96a7 c837 22bd 0f28 e524 4eb2 c653 .....7"..(.$N..S 0450: 070e c386 a5d0 f026 b1b0 7987 32c7 3339 .......&..y.2.39 0460: 66fd 10c9 3215 0235 27a7 7926 e65c bfea f...2..5'.y&.\.. 0470: 0c86 bb53 5b8b c743 3075 17fc 7f35 0620 ...S[..C0u...5. 0480: 6270 d445 98ca 7e37 778f 1300 0001 9400 bp.E..~7w....... 0490: 0000 0c72 7361 2d73 6861 322d 3531 3200 ...rsa-sha2-512. 04a0: 0001 8032 472d 6129 fbbb ecac 4199 4bb1 ...2G-a)....A.K. 04b0: 1fc7 b140 d857 2214 b4dc 1e5e 8712 0d43 ...@.W"....^...C 04c0: d176 4647 137a 58f5 c4ec c12c 6c94 615e .vFG.zX....,l.a^ 04d0: c9fe 0fbc 895f a618 2076 486b e421 24e2 ....._.. vHk.!$. 04e0: eafb a186 d729 4052 47d5 c858 17a7 0292 .....)@RG..X.... 04f0: 83dc 27e4 b310 5220 611d 04e0 4bab 0591 ..'...R a...K... 0500: 3fb6 fc5d 3b7d acf4 f32b a1d4 b16a bae3 ?..];}...+...j.. 0510: 0316 27e7 5fb0 34ed 608f a1c0 dc31 d253 ..'._.4.`....1.S 0520: 7807 5c08 2806 b412 6265 ec78 51c7 473c x.\.(...be.xQ.G< 0530: 7d77 e4c1 db8b 4876 d0d5 f479 e721 63d6 }w....Hv...y.!c. 0540: cfde 754b 1f59 7db1 5dbc d281 5ca5 dac7 ..uK.Y}.]...\... 0550: 4ab5 3dc3 3cef 211c 1b15 be36 442b cf29 J.=.<.!....6D+.) 0560: e906 cbc2 0c84 040b 1b9d 4b22 dca8 fd88 ..........K".... 0570: 2e42 5089 9606 158f a499 a057 948e e49a .BP........W.... 0580: f612 b3fb 3490 71b7 cfa9 f8c2 9bc4 c596 ....4.q......... 0590: 8466 4776 c265 47dc 43d7 4741 1fb3 2231 .fGv.eG.C.GA.."1 05a0: 21e6 e5c7 92c8 f637 d1c0 2c53 0d04 0281 !......7..,S.... 05b0: 8593 26ad c004 4f40 ee2a efef fdba 1b60 ..&...O@.*.....` 05c0: dfe9 187f 55e7 829d 4a6b e97b 94ae fe3d ....U...Jk.{...= 05d0: 8518 36ea d829 1665 af4a 2f52 03be 78de ..6..).e.J/R..x. 05e0: 8cf7 9861 83ac 1347 2ab6 2ec4 5e2b f103 ...a...G*...^+.. 05f0: 16f5 bc4d 1ba4 9e5d 14d4 ed5a 0e78 e76a ...M...]...Z.x.j 0600: 1e55 8d3c 58fc 4b01 726f 1a8e 56dd 86d4 .U. 07c0: 677c 55a7 0678 3dc2 251b fb93 53ce e960 g|U..x=.%...S..` 07d0: 9a2b afb1 7ac2 9482 2f90 c565 7556 5166 .+..z.../..euVQf 07e0: 6b59 fcae 748a 53f3 b795 0439 cbb4 14ed kY..t.S....9.... 07f0: 739a b3a5 c2d1 ac58 e3d5 72b4 68f2 c5e5 s......X..r.h... 0800: bd65 208c 8939 3efe d7f2 58dc 9edf 4e75 .e ..9>...X...Nu 0810: 1833 85c4 3bc8 6e47 9eda 2606 c6fb 0255 .3..;.nG..&....U 0820: 24a6 fa11 34da 41e4 9384 7024 3a13 928c $...4.A...p$:... 0830: ca13 4267 efdf 7ab2 0970 486b fc46 caba ..Bg..z..pHk.F.. 0840: 60bd cb1b cca7 5dbf b2c0 c85c b430 7a0b `.....]....\.0z. 0850: 1856 d7a2 b3fc b399 30ec 4d60 0991 d2a8 .V......0.M`.... 0860: 442e a930 4d2d f85d 6443 9500 0000 c100 D..0M-.]dC...... 0870: f5e2 dadb cd2a 8bf3 3522 ff42 0561 628b .....*..5".B.ab. 0880: 9068 b402 7517 a8e2 411d d44b 888b ee29 .h..u...A..K...) 0890: 5fde 4263 81a9 f593 d617 aaa5 c398 1a94 _.Bc............ 08a0: 937f a387 626c 4a1e c835 6858 c57f 52e5 ....blJ..5hX..R. 08b0: 05f2 cabb f97d 0d07 7d38 071a a409 2277 .....}..}8...."w 08c0: 79df 1e4a 4d15 cbf1 f3f4 6324 34b8 85d6 y..JM.....c$4... 08d0: 67b8 cd99 c156 afc4 f7c1 730c 9e4f 879f g....V....s..O.. 08e0: 9932 6762 bcd4 4705 ed36 2db4 0993 14f5 .2gb..G..6-..... 08f0: 84a3 ba52 31fc b6b8 80a4 b950 267f 0426 ...R1......P&..& 0900: c280 e1b4 4dbb 61a1 6e36 4ed3 225e 38a9 ....M.a.n6N."^8. 0910: c8d7 2f61 8b4b e824 3b4f ae0f 74e7 8b28 ../a.K.$;O..t..( 0920: a28e 09a0 f83e 5b00 dbc7 dd15 d12b af81 .....>[......+.. 0930: 0000 00c1 00ba 3d29 0aac 5ded d5aa 49a4 ......=)..]...I. 0940: 9282 b5af f719 8059 c3c4 5e97 baf8 b9bc .......Y..^..... 0950: abb1 94af e5b2 0d91 103e 9991 8247 2054 .........>...G T 0960: 0575 e313 1d65 d607 125b a2b7 c0ff cc01 .u...e...[...... 0970: 776e c582 ab4a e5b0 6d7a 81b1 c8b3 fca8 wn...J..mz...... 0980: f8b8 090e 7183 9d4e 7bf7 2c4a d19a 51e5 ....q..N{.,J..Q. 0990: cc3b 6b98 c5bc 59a9 6fc2 682a c2dc f080 .;k...Y.o.h*.... 09a0: f478 156a 9a90 9e4e 5f80 af7a a9da 0457 .x.j...N_..z...W 09b0: e8a3 e95a 4520 27f7 73c9 942a 27c7 9102 ...ZE '.s..*'... 09c0: 60b8 b51d 51d9 3a0b 0b06 9e8b 9d02 406a `...Q.:.......@j 09d0: 8cdf 9b1c 8670 0a64 6e06 6016 d878 4953 .....p.dn.`..xIS 09e0: 9121 cc61 8ba8 96b6 acf9 ac51 0b33 5961 .!.a.......Q.3Ya 09f0: 24ec c5c8 93 $.... ]]>

Example ecdsa-sha2-nistp256-cert Private certificate