Re: [edlug] Security questions
michael calwell wrote:
I'm trying to get my head around some concepts that have eluded me -
notably the mechanics of SSL, SSH and encrypting connections.
First off, does anyone know of any good online primers for these
subjects?
These are from the OpenSSH distro... the answers should be there
somewhere.
References -
[0] http://www.openssh.com/faq.html
[1] http://www.lothar.com/tech/crypto/
[2] http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html
[3] http://www.gzip.org/zlib/
[4] http://www.openssl.org/
[5] http://www.kernel.org/pub/linux/libs/pam/ (PAM is standard on Solaris
and HP-UX 11)
[6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9
[7] http://www.openssh.com/faq.html
---
It's all made pretty easy really (hiding the reality). When you install
ssh some keys are created - the private keys you keep private, the
public keys can be dunked onto remote systems (in
~/.ssh/authorized_keys2). If, when you attempt to log into a remote
system, there is a (public) key which pairs with your private key it
logs you in. If there isn't a matching key for you then you are
authenticated using the normal login method (usually defined by PAM)
i.e. it asks you for your password.
Your private keys are normally (but don't have to be) passphrase
protected - so you need to provide a passphrase to allow ssh to get at
them. Since providing these passphrases can be a pain there is a
separate utility called keychain which will manage the access to your
private keys on a per-session basis.
N.B. the key files are ASCII text files - you add/subtract the keys
using normal ASCII text manipulation tools.
Your public key will usually be found on your local system in
~/.ssh/id-dsa.pub or ~/.ssh/id-rsa.pub. The private keys are in a file
named the same except there is no .pub extension.
Dick
-
----------------------------------------------------------------------
You can find the EdLUG mailing list FAQ list at:
http://www.edlug.org.uk/list_faq.html
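Because the key files described in the message above are plain text, an authorized_keys file can be audited with ordinary parsing. The following is an added example, not part of the original post or of OpenSSH: it parses each line, checks that the declared key type matches the type embedded in the base64 blob, and computes a SHA256 fingerprint. The key material, comments, function names and the short list of key types are constructed assumptions; a listed key only makes login possible, and the client must still prove it holds the matching private key.

```python
import base64, binascii, hashlib, struct

KEY_TYPES = ("ssh-rsa", "ssh-dss", "ssh-ed25519", "ecdsa-sha2-nistp256")

def make_line(keytype, material, comment, declared=None):
    """Build a CONSTRUCTED public-key line (fake key material, demo only)."""
    blob = struct.pack(">I", len(keytype)) + keytype.encode()
    blob += struct.pack(">I", len(material)) + material
    return f"{declared or keytype} {base64.b64encode(blob).decode()} {comment}"

def parse_line(line):
    """Split one authorized_keys line into options, type, blob and comment.
    Returns None for blanks, comments and lines without a usable key."""
    fields = line.split()
    if not fields or fields[0].startswith("#"):
        return None
    idx = next((i for i, f in enumerate(fields) if f in KEY_TYPES), None)
    if idx is None or idx + 1 >= len(fields):
        return None
    try:
        blob = base64.b64decode(fields[idx + 1], validate=True)
        (n,) = struct.unpack(">I", blob[:4])  # length of embedded type string
    except (binascii.Error, struct.error):
        return None
    embedded = blob[4:4 + n].decode("ascii", "replace")
    digest = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return {"options": " ".join(fields[:idx]), "type": fields[idx],
            "blob": blob, "comment": " ".join(fields[idx + 2:]),
            "fingerprint": "SHA256:" + digest,
            "ok": embedded == fields[idx]}  # declared type must match the blob

def audit(text):
    """Parse every key line in an authorized_keys file."""
    return [e for e in map(parse_line, text.splitlines()) if e]

def is_listed(pub_line, authorized_text):
    """True if the key from a .pub file appears, well-formed, in the file."""
    pub = parse_line(pub_line)
    return bool(pub) and any(e["ok"] and e["blob"] == pub["blob"]
                             for e in audit(authorized_text))

# Constructed sample file: one plain key, one with options, one mismatched.
MY_PUB = make_line("ssh-ed25519", bytes(range(32)), "user@laptop")
SAMPLE = "\n".join([
    "# constructed sample authorized_keys",
    MY_PUB,
    'from="192.0.2.10",no-pty ' + make_line("ssh-ed25519", bytes(32), "backup@host"),
    make_line("ssh-ed25519", b"\x01" * 32, "broken@host", declared="ssh-rsa"),
])
```

Option strings that contain spaces inside quotes are not reconstructed exactly by this simple split; the key itself is still located by its type token.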