how does SSH use public/private Keys
Greetings
Happy new year to everyone. I don't know if i should ask here or even my question to be addressed is like private lectures but when it comes to confusion i always run here in Linux Questions. I have read many articles regarding ssh but i just got confused and mixed all things up. So, i am firing up: 1) How come when i ssh to my server i am able to login since i havent generated any keys? 2) Does ssh uses keypairs to authorize a user or a host? 3) How does actually ssh uses the public/private keys for its purpose? Thanks |
Honestly, this has been talked to death elsewhere ... do a little more Googling.
If you are able to ssh to a server without logging-in, then try this command: [font=courier]ls ~/.ssh[font] ... and don't forget the dot. See anything? If so, then you do have private keys defined and that's why you can log in without a password. It's also possible that, on your (corporate) network, both systems are using a common password-authority such as LDAP. Both systems therefore recognize you and so they're letting you pass without further challenge. SSH can be configured in many different ways. Yes, it does use keys to verify remote systems. In addition to this, it may use keys to recognize users. But there are several different ways that it can recognize users. |
Quote:
Quote:
Will do more googling |
You can login with password OR passwordless-using-ssh-keys ie its either one or the other.
This is not taking into acct distributed auth systems like LDAP as mentioned above. PS try chap 17 http://www.linuxtopia.org/online_boo...ion/index.html |
Quote:
Since yesterday i am reading the book :SSH, The Secure Shell: The Definitive Guide http://www.amazon.co.uk/SSH-Secure-S.../dp/0596008953 So far it made clear a lot of things that were confusing me. Once i finish it i am thinking to come back and post a very brief, simplified version of SSH in order to answer my question |
Look at your /etc/ssh/sshd_config file. Just after the UsePAM is a paragraph of comments which say which settings to change for using keys instead. You still need to generated keys on your client computer, and add the public keys to $HOME/.SSH/authorized_keys,
You also need to check the permissions of .SSH and your home directory, Use ssh-keygen to generate the key pair. |
All times are GMT -5. The time now is 04:35 PM. |