Re: Basics of key authentication

From: Old Man (Reply_at_the.forum.com)
Date: 07/31/04

  • Next message: Anne & Lynn Wheeler: "Re: Basics of key authentication"
    Date: Sat, 31 Jul 2004 18:36:09 GMT
    
    

    "Jonathan" <jerup3500@yahoo.com> wrote in message
    news:8a13d3e7.0407290753.4f4ac925@posting.google.com...
    "OpticTygre" <optictygre@adelphia.net> wrote in message
    news:<UPudnYJ36vqTpJ7cRVn-qQ@adelphia.com>...
    > Ok, so everything I've read basically tells me the client creates a public
    > and private key. The public key gets copied to the server, and when the
    > client wants to log in, the server encrypts some message with the public
    > key, and the client decrypts it with its private key to prove he is who he
    > says he is. Is that right so far?
    >
    > Alright, if that's ok, then I have a few questions.
    >
    > 1. A server can have tons of public keys stored on it. How does he know
    > which public key to encrypt the message with for the client?
    >
    > 2. In the process of public / private key authentication for logins, what
    > is the order things are typically done? IE:
    > a. client says "hey, I want to connect"
    > b. client sends a message encrypted with private key
    > c. server decrypts through list of public keys
    > etc..... (I'm sure the above isn't right)
    >
    > In other words, what's the step-by-step process used for authenticating
    via
    > public/private keys between client and server? Thanks for helping to
    clear
    > things up.
    >
    > -Jason

    >> I am IT student at a nation college.We have been talking in class
    >>about both public and private keys the question I have to pose is
    >>whether or not using the same public or private key is possible to use
    >>on differnt operating system in a complex network over a WAN.

    Part of what they are "supposed" to do in American colleges is to
    teach students to think. So,

    Question: If you download the OpenSSH 3.2 package on your machine,
    and I download OpenSSH 3.2 on my machine, then why wouldn't
    ssh-keygen generate a compatible key on both systems, and decode both
    keys equally? (Package -- no compiling it to be your way.)
    ======================================
    Appended saying: There is just no substitute for intelligence.


  • Next message: Anne & Lynn Wheeler: "Re: Basics of key authentication"

    Relevant Pages

    • Re: Why couldnt Public keys replace Passwords on the Internet?
      ... This would be more analogous to using a public/private ... key-pair for authenticating an SSH session. ... The private key doesn't ... > relying on the client to authenticate the user seems like a step ...
      (comp.os.ms-windows.nt.admin.security)
    • Re: Why couldnt Public keys replace Passwords on the Internet?
      ... This would be more analogous to using a public/private ... key-pair for authenticating an SSH session. ... The private key doesn't ... > instead of the server and relying on the client to authenticate the user ...
      (comp.os.ms-windows.nt.admin.security)
    • Re: Why couldnt Public keys replace Passwords on the Internet?
      ... This would be more analogous to using a public/private ... key-pair for authenticating an SSH session. ... The private key doesn't ... > relying on the client to authenticate the user seems like a step ...
      (microsoft.public.win2000.security)
    • Re: Why couldnt Public keys replace Passwords on the Internet?
      ... This would be more analogous to using a public/private ... key-pair for authenticating an SSH session. ... The private key doesn't ... > instead of the server and relying on the client to authenticate the user ...
      (microsoft.public.win2000.security)
    • Re: Cryptography problem
      ... Get each client to generate a public/private ... the secure transport. ... Don't have to worry about the client being in the wild, ...
      (comp.security.misc)