Re: Basics of key authentication
From: Old Man (Reply_at_the.forum.com)
Date: Sat, 31 Jul 2004 18:36:09 GMT
"Jonathan" <email@example.com> wrote in message
"OpticTygre" <firstname.lastname@example.org> wrote in message
> Ok, so everything I've read basically tells me the client creates a public
> and private key. The public key gets copied to the server, and when the
> client wants to log in, the server encrypts some message with the public
> key, and the client decrypts it with its private key to prove he is who he
> says he is. Is that right so far?
> Alright, if that's ok, then I have a few questions.
> 1. A server can have tons of public keys stored on it. How does he know
> which public key to encrypt the message with for the client?
> 2. In the process of public / private key authentication for logins, what
> is the order things are typically done? IE:
> a. client says "hey, I want to connect"
> b. client sends a message encrypted with private key
> c. server decrypts through list of public keys
> etc..... (I'm sure the above isn't right)
> In other words, what's the step-by-step process used for authenticating
> public/private keys between client and server? Thanks for helping to
> things up.
>> I am IT student at a nation college.We have been talking in class
>>about both public and private keys the question I have to pose is
>>whether or not using the same public or private key is possible to use
>>on differnt operating system in a complex network over a WAN.
Part of what they are "supposed" to do in American colleges is to
teach students to think. So,
Question: If you download the OpenSSH 3.2 package on your machine,
and I download OpenSSH 3.2 on my machine, then why wouldn't
ssh-keygen generate a compatible key on both systems, and decode both
keys equally? (Package -- no compiling it to be your way.)
Appended saying: There is just no substitute for intelligence.