Date: Wed, 18 Mar 1998 13:33:21 +0100 From: Jos Backus <J.G.E.Backus@urc.tue.nl> To: Martijn Koster <mak@excite.com> Cc: Matthew Hunt <mph@pobox.com>, questions@FreeBSD.ORG Subject: Re: ssh and scp Message-ID: <19980318133321.A23040@asterix.urc.tue.nl> In-Reply-To: <19980318114401.64487@excite.com>; from Martijn Koster on Wed, Mar 18, 1998 at 11:44:01AM %2B0000 References: <350E6BC8.41C67EA6@wired.ctech.ac.za> <19980317130555.37679@mph124.rh.psu.edu> <19980318111124.A13158@asterix.urc.tue.nl> <19980318114401.64487@excite.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello Martijn,
On Wed, Mar 18, 1998 at 11:44:01AM +0000, Martijn Koster wrote:
> > What prevents somebody from storing my public key in his ~/.ssh/identity.pub
> > and logging into server as me?
>
> The fact that only _you_ have your private key (~/.ssh/identity), with
> which you essentially prove the corresponding public key is yours.
OK, this check is what I was missing in this picture. I wonder how this
verification process works, though. If I have a person's public key, how can
this person (using his private key) prove to me that it indeed is his?
[Maybe we should take this thread out of -questions...]
Thanks,
--
Jos Backus _/ _/_/_/ "Reliability means never
_/ _/ _/ having to say you're sorry."
_/ _/_/_/ -- D. J. Bernstein
_/ _/ _/ _/
jbackus@urc.tue.nl _/_/ _/_/_/ use Std::Disclaimer;
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980318133321.A23040>