Date: Wed, 18 Mar 1998 16:46:32 -0600 From: keyser@clio.rice.edu (Kevin Keyser) To: J.G.E.Backus@urc.tue.nl Cc: questions@FreeBSD.ORG Subject: Re: ssh and scp Message-ID: <9803182246.AA14409@clio.rice.edu>
next in thread | raw e-mail | index | archive | help
Jos Backus <J.G.E.Backus@urc.tue.nl> wrote: > On Wed, Mar 18, 1998 at 11:44:01AM +0000, Martijn Koster wrote: > > > What prevents somebody from storing my public key in his ~/.ssh/identity.pub > > > and logging into server as me? > > > > The fact that only _you_ have your private key (~/.ssh/identity), with > > which you essentially prove the corresponding public key is yours. > > OK, this check is what I was missing in this picture. I wonder how this > verification process works, though. If I have a person's public key, how can > this person (using his private key) prove to me that it indeed is his? Suppose you pick some plaintext, encrypt it with my public key and send it to me. If I can then tell you what the plaintext is, then I must be the holder of the corresponding secret key. Kevin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9803182246.AA14409>