Re: Newbie question: SSH2 and publickey authentication safe?
From: Markus Friedl (msfriedl@cip.informatik.unierlangen.de)Date: 01/26/02
 Next message: Markus Friedl: "Re: sshd [871] random session key or cracked?"
 Previous message: KJdkjlfls: "Newbie question: SSH2 and publickey authentication safe?"
 In reply to: KJdkjlfls: "Newbie question: SSH2 and publickey authentication safe?"
 Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: msfriedl@cip.informatik.unierlangen.de (Markus Friedl) Date: 26 Jan 2002 09:27:15 GMT
>For example#1, what if the WalletInspector steals my publickey (my
>private key is still safe.) If he has my publickey, is that
>enough for him to 'impersonate' my identity, and attempt to login
>to the SSH2 server?
no. he needs the unencrypted private key.
>For example#2, let's say the WalletInsepctor steals BOTH my
>publickey and privatekey. By comparing the privatekey and
>publickey, can he reconstruct the passphrase?
no. he needs the to start a brute force attack (e.g.
try words from a dictionary) against the encrypted
private key.
 Next message: Markus Friedl: "Re: sshd [871] random session key or cracked?"
 Previous message: KJdkjlfls: "Newbie question: SSH2 and publickey authentication safe?"
 In reply to: KJdkjlfls: "Newbie question: SSH2 and publickey authentication safe?"
 Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
