Re: Does Public Key Authentication offer additional security over SSH/SFTP
- From: Darren Tucker <dtucker@xxxxxxxxxxxxxxxx>
- Date: Tue, 12 Dec 2006 22:47:31 +1100
On 2006-12-12, Marty W <Captain.Wing@xxxxxxxxx> wrote:
I've got a fairly newbie (but hopefully quick) question.
So I've set up a public/private key pair on my Unix boxes for
authentication for my SSH/SFTP connections so I don't have to provide
Does setting this up provide an extra layer of security
Yes, in that the private key is much harder for an attacker to guess
compared to a password.
(ie additional encryption) ?
Of the data being sent? No. There's an extra cryptographic step in the
authentication where the client proves to the server that it has access
to the relevant private key but after that the encrpytion of the data
is equivalent regardless of the authentication method (all other things
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
- Prev by Date: Re: Sftp logs
- Next by Date: Re: Sftp logs
- Previous by thread: Does Public Key Authentication offer additional security over SSH/SFTP
- Next by thread: Re: Does Public Key Authentication offer additional security over SSH/SFTP