Re: Does Public Key Authentication offer additional security over SSH/SFTP



On 2006-12-12, Marty W <Captain.Wing@xxxxxxxxx> wrote:
> I've got a fairly newbie (but hopefully quick) question.
> So I've set up a public/private key pair on my Unix boxes for
> authentication for my SSH/SFTP connections so I don't have to provide
> my password.
>
> Does setting this up provide an extra layer of security

Yes, in that the private key is much harder for an attacker to guess
compared to a password.

> (i.e. additional encryption)?

Of the data being sent? No. There's an extra cryptographic step in the
authentication where the client proves to the server that it has access
to the relevant private key but after that the encryption of the data
is equivalent regardless of the authentication method (all other things
being equal).

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
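
The authentication step described in the reply above, as an added example (not part of the original post and not OpenSSH code): the client signs the RFC 4252 section 7 request data, which starts with the session identifier, and the server verifies it against a public key it already trusts. The Ed25519 key type, the user name "marty" and the session identifier values are assumptions made for the illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/binary"
	"fmt"
)

// put appends an RFC 4251 string: uint32 length, then the bytes.
func put(b *bytes.Buffer, s []byte) {
	binary.Write(b, binary.BigEndian, uint32(len(s)))
	b.Write(s)
}

// signedData builds the RFC 4252 section 7 blob; the leading session
// identifier (from key exchange) ties a signature to one connection.
func signedData(sid []byte, user string, pub ed25519.PublicKey) []byte {
	var kb, b bytes.Buffer
	put(&kb, []byte("ssh-ed25519"))
	put(&kb, pub)
	put(&b, sid)
	b.WriteByte(50) // SSH_MSG_USERAUTH_REQUEST
	for _, s := range []string{user, "ssh-connection", "publickey"} {
		put(&b, []byte(s))
	}
	b.WriteByte(1) // TRUE: a signature accompanies the request
	put(&b, []byte("ssh-ed25519"))
	put(&b, kb.Bytes())
	return b.Bytes()
}

// ClientSign proves possession of the private key without sending it.
func ClientSign(k ed25519.PrivateKey, sid []byte, user string) []byte {
	return ed25519.Sign(k, signedData(sid, user, k.Public().(ed25519.PublicKey)))
}

// ServerAccepts returns only yes/no: the session's encryption keys were set
// by key exchange before this step, and nothing here feeds back into them.
func ServerAccepts(pub ed25519.PublicKey, sid []byte, user string, sig []byte) bool {
	return ed25519.Verify(pub, signedData(sid, user, pub), sig)
}

func main() {
	// Throwaway key pair; pub stands in for an authorized_keys entry (constructed).
	pub, k, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	sid := []byte("constructed session id")
	fmt.Println(ServerAccepts(pub, sid, "marty", ClientSign(k, sid, "marty")))
}
```

A signature captured from one connection fails on another because the session identifier differs, and the only output of the step is accept or reject.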