Re: How to allow multiple hosts with same key??

From: Rajeev Kumar (rajeev@rajeevnet.com)
Date: 12/19/02

  • Next message: Ray Thompson: "RE: How to allow multiple hosts with same key??" 
    Date: Thu, 19 Dec 2002 12:30:22 -0500
From: Rajeev Kumar <rajeev@rajeevnet.com>
To: Biju Perumal <biperuma@npd.hcltech.com>

    I don't think user@host matters in your public key at all. You can
    change that as blah@blah and it should work. That is just for some
    information purpose. Actually key is that big HEX string you are seeing
    which is related to private key. So as long you have same private key ,
    you can use same public key also. I am not sure about how and what
    product you are trying to use. But consider this scenario.

    You have users home (assuming UNIX environment) on NFS. So user will log
    on any machine but gets same home. Assuming user is storing ssh private
    keys at default location ~/.ssh/ then user will get same private key no
    matter which machine he is logging and thus same public key would work
    here in server/client context.

    Rajeev

    Biju Perumal wrote:
    > Hi All,
    > Is it possible for multiple clients to connect to a server with the
    > same key.
    >
    > I will explain.
    > I have a box which allow only ssh connection with a custom build
    > kernel with ssh support. If I manage to put one public key along
    > with the image, can I connect from different clients using
    > a same private keay?
    >
    > How about changing the "user@host" in the public key to "*@*"?
    > Any problem with this approach?
    > Any other idea how to implement this.
    >
    > Thanks in advance
    >
    > regards
    > --
    > Biju Perumal
    > HCL Technologies Ltd
    > 184-188, N.S.K. Road,Vadapazhani
    > Chennai - 26, India
    > Voice: +91-44-3728366 (Extn: 1134)
    > http://san.hcltech.com
    >
    >
    >
    >
    > 

    -- 
____________________________________________________________________
	Rajeev Kumar (rajeev@rajeevnet.com)
		http://www.rajeevnet.com
-- PGP PUBLIC KEY -- http://www.rajeevnet.com/crypto/mypubkey
____________________________________________________________________
What's New on rajeevnet.com:
o OpenSSL Based PKI Implementation in Real World :: A Cookbook
    http://www.rajeevnet.com/crypto/ca/ca-paper.html
____________________________________________________________________

    Relevant Pages

    • RE: TIPS FOR THE NEWCOMER
      ... using your old private key, so there's no point in keeping a backup. ... > security risk if I send this through e-mail as an attachment to the ssh ... > has been compromised it does not really matter since it is a public key ... > more words for the passphrase it gets harder to crack? ...
      (SSH)
    • Re: ssh private and public keys known_host etc...
      ... If I generate the key file do I generate it on the host I want to ssh ... private key is on localhost, ... is the private key and the other the public key. ...
      (comp.security.ssh)
    • RE: PGP scripting...
      ... cryptosystems, ... In these systems divulging your private key compromises the public ... Here is a quick over view of the public key encryption routines (the ...
      (SecProg)
    • Re: Private & Public Key storage location
      ... with that you complete the 'certificate' to have both public and private key ... To view the complete cert, you access the cert mmc, ... its end & send only the public key to the CA along with the other websites ... The CA never know the private key of the website. ...
      (microsoft.public.inetserver.iis.security)
    • CryptImportKey NTE_BAD_KEY error.
      ... of the private key is just fine but when I try to import the public key I ... // This Asymetric key set will be used to create the Autherization Code. ... delete psBuffer; ...
      (microsoft.public.platformsdk.security)