hpr1920 :: 21 - SSH Authentication - Keys
We introduce the idea of using public/private key pairs for authentication
Hosted by Ahuka on Friday, 2015-12-11 is flagged as Clean and is released under a CC-BY-SA license.
ssh, client, encryption, keys.
(Be the first).
The show is available on the Internet Archive at: https://archive.org/details/hpr1920
Listen in ogg,
spx,
or mp3 format. Play now:
Duration: 00:18:39
Privacy and Security.
In this open series, you can contribute shows that are on the topic of Privacy and Security
When you first try to login to a remote server you need to authenticate yourself, which means you have to demonstrate that you have rights to be on that server. You can do this in several ways:
- Password You authenticate to the server by typing in your password. This is easy because you can generally remember your password, and it means you can easily login from any computer with that knowledge. This is still the most common authentication mechanism for SSH. It is also the least secure.
- Public Key This is much more secure. It involves the creation of a key pair, of course. It is possible to use a key pair generated by PGP or GPG in the most current versions (version 2.0.13 introduced support for this). But there is a long established method using the Unix program ssh-keygen. This is very similar to generating a key pair as we discussed earlier. You run the program ssh-keygen, harvest some entropy, generate a passphrase to protect it, and so on.
For more go to https://www.zwilnik.com/?page_id=733
Links:
- https://www.zwilnik.com/?page_id=650
- https://hackerpublicradio.org/eps.php?id=1640
- https://linux.die.net/man/1/ssh-keygen
- https://csrc.nist.gov/publications/drafts/nistir-7966/nistir_7966_draft.pdf
- https://kb.siteground.com/how_to_generate_an_ssh_key_on_windows_using_putty/
- https://www.zwilnik.com/?page_id=733