From owner-freebsd-questions  Wed Mar 18 04:33:46 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id EAA24787
          for freebsd-questions-outgoing; Wed, 18 Mar 1998 04:33:46 -0800 (PST)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from mailhost.tue.nl (mailhost.tue.nl [131.155.2.5])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA24782
          for <questions@FreeBSD.ORG>; Wed, 18 Mar 1998 04:33:43 -0800 (PST)
          (envelope-from J.G.E.Backus@urc.tue.nl)
Received: from asterix.urc.tue.nl [131.155.5.10] by mailhost.tue.nl (8.8.8)
	  id NAA20728 (ESMTP). Wed, 18 Mar 1998 13:33:24 +0100 (MET)
Received: from jbackus@localhost by asterix.urc.tue.nl (8.8.8) 
	  id NAA02842. Wed, 18 Mar 1998 13:33:21 +0100 (MET)
Message-ID: <19980318133321.A23040@asterix.urc.tue.nl>
Date: Wed, 18 Mar 1998 13:33:21 +0100
From: Jos Backus <J.G.E.Backus@urc.tue.nl>
To: Martijn Koster <mak@excite.com>
Cc: Matthew Hunt <mph@pobox.com>, questions@FreeBSD.ORG
Subject: Re: ssh and scp
References: <350E6BC8.41C67EA6@wired.ctech.ac.za> <19980317130555.37679@mph124.rh.psu.edu> <19980318111124.A13158@asterix.urc.tue.nl> <19980318114401.64487@excite.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.90.9
In-Reply-To: <19980318114401.64487@excite.com>; from Martijn Koster on Wed, Mar 18, 1998 at 11:44:01AM +0000
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

	Hello Martijn,

On Wed, Mar 18, 1998 at 11:44:01AM +0000, Martijn Koster wrote:
> > What prevents somebody from storing my public key in his ~/.ssh/identity.pub
> > and logging into server as me?
> 
> The fact that only _you_ have your private key (~/.ssh/identity), with
> which you essentially prove the corresponding public key is yours.

OK, this check is what I was missing in this picture. I wonder how this
verification process works, though. If I have a person's public key, how can
this person (using his private key) prove to me that it indeed is his?

[Maybe we should take this thread out of -questions...]

Thanks,
-- 
Jos Backus                     _/  _/_/_/        "Reliability means never
                              _/  _/   _/         having to say you're sorry."
                             _/  _/_/_/                -- D. J. Bernstein
                        _/  _/  _/    _/
jbackus@urc.tue.nl      _/_/   _/_/_/             use Std::Disclaimer;

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message