jonnytabpni |
06-23-2010 02:49 AM |
Quote:
I wish to provide shell access to a console program, which will prompt for a username and password. Encryption is essential though, and users must not be able to snoop in on each other
|
If either of you read my question, you would actually see that security does matter to me, and this is my question on this thread. All I was simply intending on doing was offloading the authentication from SSH to a third party app. Look at my quote above.
Quote:
Erm come again.... You're selling a service to customer on the basis that it has deliberately crippled security???
|
No, I'm not. I'm asking here if what I was considering doing would criple security, and if it does I won't. I think you have answered this question in your sharp comment. Additionally, the users would still have to authenticate themselves with another program that launches upon login. This is a forum where people ask questions. And since I am new to this area, I think it is a perfectly reasonable thing to ask.
Anyway, the helpful people over at serverfault have answered this question for me, and I'll post the correct answer here for anybody who arrives here looking for a proper answer:
The way SSH works, is that the "encryption keys" are initally exchanged. However these keys themselves are exchanged in an encrypted fashion using the public/private key pair, so indeed every customer needs to have their own public/private key pair to ensure that they can't snoop in on each other.
|