From owner-freebsd-questions Wed Mar 18 13:14:51 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA22292 for freebsd-questions-outgoing; Wed, 18 Mar 1998 13:14:51 -0800 (PST) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from mn26hp6.honeywell.com (mn26hp6.honeywell.com [129.30.4.6]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA22063 for ; Wed, 18 Mar 1998 13:14:42 -0800 (PST) (envelope-from sleas@mn26hp6.honeywell.com) Received: from localhost by mn26hp6.honeywell.com with SMTP (1.40.112.4/16.2) id AA179735557; Wed, 18 Mar 1998 15:12:37 -0600 Date: Wed, 18 Mar 1998 15:12:37 -0600 (CST) From: Shawn Leas To: Jos Backus Cc: Martijn Koster , Matthew Hunt , questions@FreeBSD.ORG Subject: Re: ssh and scp In-Reply-To: <19980318133321.A23040@asterix.urc.tue.nl> Message-Id: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, 18 Mar 1998, Jos Backus wrote: > Hello Martijn, > > On Wed, Mar 18, 1998 at 11:44:01AM +0000, Martijn Koster wrote: > > > What prevents somebody from storing my public key in his ~/.ssh/identity.pub > > > and logging into server as me? > > > > The fact that only _you_ have your private key (~/.ssh/identity), with > > which you essentially prove the corresponding public key is yours. > > OK, this check is what I was missing in this picture. I wonder how this > verification process works, though. If I have a person's public key, how can > this person (using his private key) prove to me that it indeed is his? > > [Maybe we should take this thread out of -questions...] What you need is to subscribe to the cypherpunks mailing list. It's archived at one of the major sites. Just do a search on Yahoo, you'll find it. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message