Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
You have 4 different things:
1) A shared secret-key or shared season key that you have no control of and is the heart of the SSH communication. This will be the first thing a SSH connection will generate (each time a new connection is made, or even several times per connection)..
2) Server fingerprint .. This is important because it's used by the client to make sure he's talking with the server he wants (this only works when the clients already knows the servers fingerprint) .. Under the hood these are basically public/private key-pair (just created with some mandatory algorithms depending on the strenght and security desired) ... These are way more important then people belive they are. Also, these key-pairs are usually created in the installation process.. That doesn't mean they can't be changed and/or backed up... Actually, it would make sense to do so, thus ensuring the same fingerprint will be available to your clients)..
3) (Client) Public key ... This only works in pair with the private key and is used by the server as part of an algoritm to encrypt data that can only be decrypted by the private key... this si an assymetrical encryption
4) (Client) Private key ... This is the important part... Only the private key can decrypt what a paired public-key encripted... This is why when the server creates a challenge for you, the client, only holding this file can you decrypt that challenge and give back the correct response (confirming, thus, that you are who you say you are)...
Out of this, numbers 1 and 2 will exists no matter what you do when you use SSH...
So... How this works (assuming use of the public/private keys):
Any connection begin with creating a shared secret key that encrypts the communication (symmetric encryption). The way this is done is out of our scope and has nothing to do with public/private key-ring, but it's one of SSHs strenghts... Everything will be encrypted with this shared key from now on.. It is important to note that an algoritm is used from which both parties can get the same shared secret, yet it will never be transmitted over the network. By this time, also, the server fingerprint would have been checked (also, by making use of some asymmetrical encryption).
Now that the connection is encrypted and you trust the server, you log in (either the old fashion way) or in our case logging in using the key-ring:
1) The client states he wants to login in using a specific ID for the public/private pair (this is why you're asked for a name -- you're not asked for a file name, but for a name given to both your public and your private keys)
2) Assuming the server finds the public key (usually in the authorized_keys file) he will generate a random challenge (think of a random number) and use that public key to asymmetrical encrypt that challenge (so there wouldn't be any possible way to decrypt it without the private key)... It then sends the resulting encrypted string to the client.
3) The client decrypts the challenge (if it has that private key), it encrypts that challange with the shared secret key and then creates an MD5-hash of that encrypted value.. It sends back that MD5 hash
4) The server does the same with the unencrypted challenge he generated and compares the two MD5-hases.. If they fit, you're authentificated.
And that's basically it..
Let me say this: A lot of people confuse the clients public/private key-ring with the shared-secret key or the servers private/public key-ring (fingerprint) and think they are used when creating that shared-secret that allows the symmetrical encryption to occur... That is false.. The user's public/private key-ring is simply used on authentification, the connection is already secured by that time.
Last edited by Smokey_justme; 07-14-2016 at 07:09 PM.
Let's try it differently:
2) Assuming the server finds the public key (usually in the authorized_keys file) he will generate a random challenge (think of a random number) and use that public key to asymmetrical encrypt that challenge (so there wouldn't be any possible way to decrypt it without the private key)... It then sends the resulting encrypted string to the client.
3) The client decrypts the challenge (if it has that private key), it encrypts that challange with the shared secret key and then creates an MD5-hash of that encrypted value.. It sends back that MD5 hash
4) The server does the same with the unencrypted challenge he generated and compares the two MD5-hases.. If they fit, you're authentificated.
The description above is pretty rough, and the steps seems to be out of place, but it sounds like you are describing a Digital Signature.
I suspected that using the traditional Digital Signature approach was how things worked, yet it seems odd that I haven't been ale to find any detailed (and correct) descriptions of this?!
Last edited by RobInRockCity; 07-14-2016 at 10:57 PM.
The mathematical relationship between the public key and the private key allows the public key to encrypt messages that can only be decrypted by the private key. This is a one-way ability, meaning that the public key has no ability to decrypt the messages it writes, nor can it decrypt anything the private key may send it.
is in fact CORRECT.
Symmetric encryption means the one/same key to ENcrypt AND DEcrypt.
Also note that this exchange (a "Diffie-Hellman Key Exchange") is only used to communicate the initial shared-secret that is then used, with fast symmetric cryptography, to subsequently encipher the actual conversation. This secret, symmetric key is replaced from time to time so that large blocks of data are not sent using the same key and thus become susceptible to a "known plaintext attack."
"Password-free" logins are actually more secure, at least from a theoretic point of view, because you must possess an authorized key. It can be problematic in practice, however, because if you can ever get your hands on the account, you can either steal an authorized key or plant one of your own. On a great many systems that I have worked with over these years, I usually found at least one authorized key that no one recognized. I basically have never found auditing of those keys.
Alternatives to this strategy do exist. There are other ways to establish what is an "authorized key," and to dictate where that key is allowed to log-in, based on the use of secure central authority such as Kerberos or LDAP (MS OpenDirectory).
I never use ssh as the first line of defense if I have any say in the matter: I always use OpenVPN with the "Dwarvish Door" strategy that I have previously described in this forum. I never directly expose anything that will allow a login: prompt to be offered to the outside world, nor one that so-easily allows a cryptographic key to be inserted by a successful intruder.
Last edited by sundialsvcs; 07-15-2016 at 07:39 AM.
The mathematical relationship between the public key and the private key allows the public key to encrypt messages that can only be decrypted by the private key. This is a one-way ability, meaning that the public key has no ability to decrypt the messages it writes, nor can it decrypt anything the private key may send it.
is in fact CORRECT.
It is not correct.
You can encrypt something with the public key and decrypt it with the private key.
You can also encrypt something with the private key and decrypt it with the public key.
To say, "the public key (cannot) decrypt anything the private key may send it" is WRONG!
This could well be a case that the person who wrote this has piss-poor writing skills and didn't mean what he said, but taken literally, it is wrong. (Geek often struggle with writing things clearly...)
And since DigitalOcean got that wrong, I closed the page and move onward.
Last edited by RobInRockCity; 07-15-2016 at 03:53 PM.
Of course, PGP admittedly adds in their own twist to asymmetric cryptography, so maybe the way the server challenges me is slightly different?
I'm not sure why I can't find dozen of links that explain all of this step-by-step. Am I the only one who wants to know precisely how all of this works?
Last edited by RobInRockCity; 07-15-2016 at 03:56 PM.
You can encrypt something with the public key and decrypt it with the private key.
You can also encrypt something with the private key and decrypt it with the public key.
To say, "the public key (cannot) decrypt anything the private key may send it" is WRONG!
This could well be a case that the person who wrote this has piss-poor writing skills and didn't mean what he said, but taken literally, it is wrong. (Geek often struggle with writing things clearly...)
And since DigitalOcean got that wrong, I closed the page and move onward.
This is completely wrong... The public key can't decrypt anything the private key encrypts... Actually the private key is not meant to encrypt anything.. I don't know who told you this..
Your scenario wouldn't even make sense... Why would they be called private and public if they could be used at the same thing? And security wise that would be a total failure..
Last edited by Smokey_justme; 07-15-2016 at 04:50 PM.
Of course, PGP admittedly adds in their own twist to asymmetric cryptography, so maybe the way the server challenges me is slightly different?
I'm not sure why I can't find dozen of links that explain all of this step-by-step. Am I the only one who wants to know precisely how all of this works?
No.. It's like the "Public key cryptography" paragraph.. Digital Signatures are a different things...
This is completely wrong... The public key can't decrypt anything the private key encrypts
I suspect that you might be mistaken on this point, Smokey . . .
"The public key can onlydecrypt something that the private key encrypts." Therefore, if decryption is successful, the recipient can be confident that the message must have originated from the sender. This is the basis of "message signing."
Likewise, "anything that the public key encrypts, can only be decrypted by the private key." Thus, anyone on Planet Earth can "send a private message," knowing that only the intended recipient of that message can decrypt it. This is the basis of "secure messaging."
Any operation (encryption or decryption ...) that is instigated by the holder of "one key of the pair," can only be reversed by a holder of "the other key of the pair." That is the essence of public-key encryption (PKI).
Last edited by sundialsvcs; 07-15-2016 at 05:59 PM.
This is completely wrong... The public key can't decrypt anything the private key encrypts... Actually the private key is not meant to encrypt anything.. I don't know who told you this..
Your scenario wouldn't even make sense... Why would they be called private and public if they could be used at the same thing? And security wise that would be a total failure..
"The basic manner in which digital signatures are created is illustrated in Figure 1-6. Instead of encrypting information using someone else's public key, you encrypt it with your private key. If the information can be decrypted with your public key, then it must have originated with you."
I suspect that you might be mistaken on this point, Smokey . . .
"The public key can onlydecrypt something that the private key encrypts." Therefore, if decryption is successful, the recipient can be confident that the message must have originated from the sender. This is the basis of "message signing."
Likewise, "anything that the public key encrypts, can only be decrypted by the private key." Thus, anyone on Planet Earth can "send a private message," knowing that only the intended recipient of that message can decrypt it. This is the basis of "secure messaging."
Any operation (encryption or decryption ...) that is instigated by the holder of "one key of the pair," can only be reversed by a holder of "the other key of the pair." That is the essence of public-key encryption (PKI).
Thank you!
To add to this, if the goal of Person-A was to send "launch codes" to Person-B, then it would make the most sense for Person-A to take Person-B's Public-Key, encrypt the "launch-codes", and then let Person-B use his Private-Key to decrypt things. That way only Person-B can get the "launch codes".
Using the scenario I described, Person-A could also encrypt the "launch codes" using his Private-Key, and then let Person-B use his Public-Key to decrypt the "launch codes", however, if Person-C, Person-D, and others had Person-A's Public-Key, then the "launch codes" would still be decryptable, but not very "private"!!
So using the second scenario wouldn't make sense in practical terms, yet it would still technically work.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.