FW: [ale] SSH

[Joe Knapka]

Chris Fowler wrote:
> 
> Is this the way it works?
> 
> -----Original Message-----
> From: Chuck Huber
> Sent: Wednesday, December 29, 1999 10:12 AM
> To: Chris Fowler
> Cc: Louis Zamora
> Subject: RE: [ale] SSH
> 
> > -----Original Message-----
> > From: Chris Fowler
> > Sent: Wednesday, December 29, 1999 07:58
> > To: Chuck Huber
> > Subject: FW: [ale] SSH
> >
> >
> > More information
> >
> > -----Original Message-----
> > From: Joe Knapka [mailto:jknapka at charter.net]
> > Sent: Tuesday, December 28, 1999 7:47 PM
> > To: Chris Fowler
> > Cc: 'ale at ale.org'
> > Subject: Re: [ale] SSH
> >
> >
> > ssh-keygen generates both public and private RSA keys. As I
> > understand it, the client and server exchange RSA public keys,
> > and use RSA to authenticate one another and agree on a secret
> > session key.
> 
> Pretty close.  I don't see a need for the client to have a public key.  It

Because the public keys are also used for mutual authentication.
The host may allow connection only from certain trusted clients,
identified by their public keys.

Server: "Here's a random string I encrypted with your public key. Can
you decrypt it?"
Client: "Yes, here it is." Decrypts the string using its private key
and sends it back to the server.
Server: "Ah, then you must know your private key, which means you
are who I think you are."

-- Joe

> just needs to know how to obtain the public key for the server.  I imagine
> that this takes place in plain text. The protocol probably looks something
> like:

[snip]

> 
> I hope this helps clear things up.  I also hope that your research will
> prove me fairly accurate.
> 
> Enjoy,
>         - Chuck
> --
> To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

-- Joe Knapka
* What happens when a mysterious force meets an inscrutable object?
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.