Re: Securing SSH
From: Richard Soderberg (richard.soderberg@kib.ki.se)Date: 12/29/01
- Previous message: Akop Pogosian: "Re: OpenSSH 2.9p2: ssh-keygen bus errors"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Richard Soderberg" <richard.soderberg@kib.ki.se> Date: Sat, 29 Dec 2001 00:38:10 GMT
In article <tu2jqpiug333@corp.supernews.com>, "William Stacey"
<staceyw@ameritech.net> wrote:
>> It secures the connection (can't decrypt the session), but auth is only
> safe as
>> long as your public key file is safe.
> That is in direct conflict with my understanding and what Richard said.
> I thought the Public key file did not need to be safe. Anyone could
> have this and security could still be maintained - no?
As i understand it, the very essence of assymetric encryption is that
your public key is and should be -public. The private key, on the other
hand, should be kept very private. If you encrypt a message using the
private key it is decryptable with the public key - proof that the message
originated from you (or someone with access to your private key).
If I want to send you an encrypted message I use your public key to
encrypt it and the only one able to decrypt it is you, using your private
key.
Cheers,
/RS
- Next message: Yaroslav Klyukin: "Re: SSH SETUP"
- Previous message: Akop Pogosian: "Re: OpenSSH 2.9p2: ssh-keygen bus errors"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
