Public Key Infrastructure – Hacker Safe Infrastructure

March 17, 2008

SSH is a well-known system which allows the use of a remote shell on a secure connection. A secure connection here is one which is authenticated, encrypted and checked for integrity. The encryption stops attackers from being able to read the transmitted data.

Authentication lets both the server and the client know that they are connected to each other and not to an intermediate, attack-prone system. Integrity checking makes sure that the data remains unchanged in transit. Together, these features make your connection secure.

Login is password based: your password is transmitted over this link to the remote server, where it is hashed and compared with the value stored in the password file. That transmission is a cause for concern to many, in spite of the encrypted connection. Public key authentication is used by SSH for logging in to a server. In this case, your private key is kept on the client system and the public key is used to gain access to the server with no password.

When the SSH connection is established, the server authenticates the client to make sure that the person logging in is not an attacker. Previously this was done by asking for your password and comparing it to the password hash which had been stored earlier. Now the server randomly generates a token for your public key and sends it to you. The private key associated with your public key is stored in a file which only you can access, so only you can answer the token correctly. Once the server has made sure that you are the person who holds the private key linked to the public key, you are granted access.
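The exchange described above, as an added example in Go that is not part of the original post: a simplified model built on Ed25519 signatures from the Go standard library, not the SSH wire protocol. The `Server` type, the user name `alice` and all function names are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Server (hypothetical type) holds only public keys and the tokens it has issued.
type Server struct {
	authorized map[string]ed25519.PublicKey // user -> public key, never a private key
	pending    map[string][]byte            // user -> token still waiting for an answer
}

// NewServer registers one user's public key (constructed setup for this example).
func NewServer(user string, pub ed25519.PublicKey) *Server {
	return &Server{authorized: map[string]ed25519.PublicKey{user: pub}, pending: map[string][]byte{}}
}

// Challenge issues a fresh random token for a registered user, nil for anyone else.
func (s *Server) Challenge(user string) []byte {
	if _, ok := s.authorized[user]; !ok {
		return nil
	}
	token := make([]byte, 32)
	if _, err := rand.Read(token); err != nil {
		panic(err)
	}
	s.pending[user] = token
	return token
}

// Verify consumes the pending token first, so a captured response cannot be replayed.
func (s *Server) Verify(user string, sig []byte) bool {
	token, ok := s.pending[user]
	delete(s.pending, user)
	return ok && ed25519.Verify(s.authorized[user], token, sig)
}

// Respond is the client side: the private key signs the token and never leaves the client.
func Respond(priv ed25519.PrivateKey, token []byte) []byte {
	return ed25519.Sign(priv, token)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	srv := NewServer("alice", pub)
	fmt.Println("login accepted:", srv.Verify("alice", Respond(priv, srv.Challenge("alice"))))
}
```

Because each token is random and is deleted on first use, a response recorded from one login is useless for the next, and the server never stores anything that would let someone else produce a valid response.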
