HPR1920: 21 - SSH Authentication - Keys
Hosted by Ahuka on 2015-12-11 00:00:00 Download or Listen
When you first try to login to a remote server you need to authenticate yourself, which means you have to demonstrate that you have rights to be on that server. You can do this in several ways:
- Password You authenticate to the server by typing in your password. This is easy because you can generally remember your password, and it means you can easily login from any computer with that knowledge. This is still the most common authentication mechanism for SSH. It is also the least secure.
- Public Key This is much more secure. It involves the creation of a key pair, of course. It is possible to use a key pair generated by PGP or GPG in the most current versions (version 2.0.13 introduced support for this). But there is a long established method using the Unix program ssh-keygen. This is very similar to generating a key pair as we discussed earlier. You run the program ssh-keygen, harvest some entropy, generate a passphrase to protect it, and so on.
For more go to https://www.zwilnik.com/?page_id=733
Links:
- https://www.zwilnik.com/?page_id=650
- https://hackerpublicradio.org/eps.php?id=1640
- https://linux.die.net/man/1/ssh-keygen
- https://csrc.nist.gov/publications/drafts/nistir-7966/nistir_7966_draft.pdf
- https://kb.siteground.com/how_to_generate_an_ssh_key_on_windows_using_putty/
- https://www.zwilnik.com/?page_id=733
Comments
More Information...
Copyright Information
Unless otherwise stated, our shows are released under a Creative Commons Attribution-ShareAlike 3.0 Unported (CC BY-SA 3.0) license.
The HPR Website Design is released to the Public Domain.