[PLUG] ssh public/private key login authentication?
Michael Rasmussen
michael at jamhome.us
Sat Jul 5 02:07:47 UTC 2014
On Fri, Jul 04, 2014 at 06:35:03PM -0700, Keith Lofstrom wrote:
> Question?
>
> Without getting into incompetence, impersonation,
> man-in-the-middle, drugs and pipe wrenches ...
>
> I have a friend in another state who I want to give ssh access
> to on one of my machines. If I understand ssh key exchange,
>
> 1) he makes a private/public key pair for openssh
> 1a) using a recent Linux, of course
> 2) he sends me the public key over the unencrypted internet
> 3) I put it in the .ssh/authorized_keys2 in his user directory
>
> ... and we are probably good to go, yes? Not perfect security,
> but enough, I hope, to irritate a typical national spy agency.
>
> If necessary, we can escalate the complexity of the transfer,
> (key encoded in carrier pigeon DNA - sequence DNA, eat bird)
> but complication is insecure in its own way.
That's how it works.
You need to get the permissions correct on file in ~/.ssh or it will
refuse to work.
--
Michael Rasmussen, Portland Oregon
Be Appropriate && Follow Your Curiosity
Education isn't filling a pail but lighting a fire.
~ WB Yates
More information about the PLUG
mailing list