LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)
-   -   how does SSH use public/private Keys (https://www.linuxquestions.org/questions/linux-general-1/how-does-ssh-use-public-private-keys-4175445539/)

tripialos 01-14-2013 09:00 AM
how does SSH use public/private Keys
 
Greetings

Happy new year to everyone.

I don't know if i should ask here or even my question to be addressed is like private lectures but when it comes to confusion i always run here in Linux Questions.

I have read many articles regarding ssh but i just got confused and mixed all things up.

So, i am firing up:

1) How come when i ssh to my server i am able to login since i havent generated any keys?

2) Does ssh uses keypairs to authorize a user or a host?

3) How does actually ssh uses the public/private keys for its purpose?

Thanks

sundialsvcs 01-14-2013 09:06 AM
Honestly, this has been talked to death elsewhere ... do a little more Googling.

If you are able to ssh to a server without logging-in, then try this command: [font=courier]ls ~/.ssh[font] ... and don't forget the dot. See anything? If so, then you do have private keys defined and that's why you can log in without a password.

It's also possible that, on your (corporate) network, both systems are using a common password-authority such as LDAP. Both systems therefore recognize you and so they're letting you pass without further challenge.

SSH can be configured in many different ways. Yes, it does use keys to verify remote systems. In addition to this, it may use keys to recognize users. But there are several different ways that it can recognize users.

tripialos 01-14-2013 09:13 AM
Quote:
Originally Posted by sundialsvcs (Post 4869676)
Honestly, this has been talked to death elsewhere ... do a little more Googling.
Roger that :-S

Quote:
Originally Posted by sundialsvcs (Post 4869676)
If you are able to ssh to a server without logging-in, then try this command: [font=courier]ls ~/.ssh[font] ... and don't forget the dot. See anything? If so, then you do have private keys defined and that's why you can log in without a password.
Provably i wasnt that clear. What i ment is that i do get password promt and enter my login credentials to gain access to my VPS. However, in all tutorials i read that you generate password/pass-wordless keys in order to access the remote hist. Hence my question why i get login prompt since i havent generated any keys. [/QUOTE]

Will do more googling

chrism01 01-15-2013 01:54 AM
You can login with password OR passwordless-using-ssh-keys ie its either one or the other.
This is not taking into acct distributed auth systems like LDAP as mentioned above.

PS try chap 17 http://www.linuxtopia.org/online_boo...ion/index.html

tripialos 01-15-2013 02:35 AM
Quote:
Originally Posted by chrism01 (Post 4870317)
You can login with password OR passwordless-using-ssh-keys ie its either one or the other.
This is not taking into acct distributed auth systems like LDAP as mentioned above.

PS try chap 17 http://www.linuxtopia.org/online_boo...ion/index.html
Thanks. I am on it.

Since yesterday i am reading the book :SSH, The Secure Shell: The Definitive Guide

http://www.amazon.co.uk/SSH-Secure-S.../dp/0596008953

So far it made clear a lot of things that were confusing me. Once i finish it i am thinking to come back and post a very brief, simplified version of SSH in order to answer my question

jschiwal 01-15-2013 02:51 AM
Look at your /etc/ssh/sshd_config file. Just after the UsePAM is a paragraph of comments which say which settings to change for using keys instead. You still need to generated keys on your client computer, and add the public keys to $HOME/.SSH/authorized_keys,

You also need to check the permissions of .SSH and your home directory,

Use ssh-keygen to generate the key pair.


All times are GMT -5. The time now is 04:35 PM.