| From | William Unruh <unruh@invalid.ca> |
|---|---|
| Newsgroups | comp.os.linux.security |
| Subject | Re: Are ssh keys tied to a user or the originating machine? |
| Date | 2018-06-04 08:40 +0000 |
| Organization | A noiseless patient Spider |
| Message-ID | <pf2tu8$d5c$1@dont-email.me> |
| References | <95o6ic-7c8.ln1@myleafnode.oneyv.org> <6548cf87-2433-4276-bfa7-270a35962f7d@googlegroups.com> |

On 2018-06-04, jc091966@gmail.com <jc091966@gmail.com> wrote:
> On Saturday, November 21, 2015 at 1:10:09 PM UTC-5, JimR wrote:
>> I'm trying to better understand ssh.
>>
>> User foo on machine bar generates a keypair, and provides the public key
>> to remote user dokes on machine shme. foo connects to dokes account
>> at shme, and everything is happy.
>>
>> Then user foo also has an account on machine baz. He takes the private
>> key he generated on machine bar, and copies it to machine baz. Can he
>> connect to dokes on shme? My limited testing suggests that it works.
>> Is that a universal truth?

Yes. Note that there are two keys, a machine key pair, and a personal key pair. The machine keys are to ensure that you actually connect to the machine you claim to be connecting to. (The public keys of those machines are stored in your local machine. If you have never connected to it before, it asks if you are sure that you are connecting to the right machine, and if you assure the program you are, it stores the other side's public key on your machine, so you do not have to give that assurance again.) The personal private key is used for the other side to make sure that it is actually you logging in (your machine uses the private key to sign a message which the other side decodes to make sure it is you).

>>
>> Next, foo passes his private key to unrelated user thud on machine
>> grunt. thud installs the private key owned by foo. Can thud now
>> connect to user dokes on machine shme?

Very very stupid move.

>>
>> Next, replace the above ssh keys with PGP keys. Do the same answers apply?

What has PGP to do here? It is not used for connecting to machines. But yes, your key pair is yours, and if anyone else gets ahold of it, they can read any mail you have or ever will encrypt with that key pair. Again a totally stupid thing to do to let anyone get your private key. Anyone, including your wife/lover/boss/National security agency.

>>
>> Thanks,
>> JimR
>
> I just read your post. How about some appropriate names so we all don't have to keep track of whether "shit" refers to a machine or user.
> Hopefully someone else responded to this crap, coz I'm ticked off with the extra work deciphering your questions
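
Because a user key works from any machine that holds the private half, OpenSSH lets the server side pin a key to client hosts with the `from="..."` option in `authorized_keys`. The script below is an added example, not part of the original thread; it parses such a file and lists the keys that carry no source-host restriction. The key blobs, host names and the helper names are constructed for illustration.

```python
# Added example: audit an OpenSSH authorized_keys file for keys that are
# not restricted to particular client hosts with the from="..." option.
KEY_TYPES = ("ssh-ed25519", "ssh-rsa", "ssh-dss", "ecdsa-sha2-",
             "sk-ssh-ed25519@", "sk-ecdsa-sha2-")

# Constructed sample for user dokes on shme; key blobs are placeholders.
SAMPLE = '''\
# keys accepted for dokes
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIconstructed1 foo@bar
from="bar.example.org,192.0.2.10",no-pty ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIconstructed2 foo pinned
command="echo hi, there" ssh-rsa AAAAB3NzaC1yc2EAAAconstructed3 backup job
'''

def split_unquoted(text, seps):
    """Split on any char in seps, ignoring separators inside "..."."""
    parts, cur, quoted, prev = [], "", False, ""
    for ch in text:
        if ch == '"' and prev != "\\":
            quoted = not quoted
        if ch in seps and not quoted:
            if cur:
                parts.append(cur)
            cur = ""
        else:
            cur += ch
        prev = ch
    return parts + [cur] if cur else parts

def parse_entry(line):
    """Return a dict for one key line, or None for blanks/comments/junk."""
    fields = split_unquoted(line.strip(), " \t")
    if not fields or fields[0].startswith("#"):
        return None
    opts = {}
    if not fields[0].startswith(KEY_TYPES):      # leading options field
        for opt in split_unquoted(fields.pop(0), ","):
            name, _, value = opt.partition("=")
            opts[name.lower()] = value.strip('"')
    if len(fields) < 2:
        return None
    return {"type": fields[0], "comment": " ".join(fields[2:]),
            "from": opts.get("from")}

def unrestricted_keys(text):
    """Comments of keys that any machine holding the private key can use."""
    entries = (parse_entry(l) for l in text.splitlines())
    return [e["comment"] for e in entries if e and e["from"] is None]

if __name__ == "__main__":
    print(unrestricted_keys(SAMPLE))
```

The trailing comment on a key line (`foo@bar` here) is only a label; sshd does not check it against the connecting user or host.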
Are ssh keys tied to a user or the originating machine? JimR <NotReally@yahoo.com> - 2015-11-21 13:01 -0500
Re: Are ssh keys tied to a user or the originating machine? William Unruh <unruh@invalid.ca> - 2015-11-21 18:13 +0000
Re: Are ssh keys tied to a user or the originating machine? Richard Kettlewell <rjk@greenend.org.uk> - 2015-11-22 14:09 +0000
Re: Are ssh keys tied to a user or the originating machine? jc091966@gmail.com - 2018-06-03 19:25 -0700
Re: Are ssh keys tied to a user or the originating machine? William Unruh <unruh@invalid.ca> - 2018-06-04 08:40 +0000
Re: Are ssh keys tied to a user or the originating machine? "Carlos E.R." <robin_listas@es.invalid> - 2018-06-04 11:35 +0200
Re: Are ssh keys tied to a user or the originating machine? Aragorn <thorongil@telenet.be> - 2018-06-04 12:24 +0200
Re: Are ssh keys tied to a user or the originating machine? "Carlos E.R." <robin_listas@es.invalid> - 2018-06-04 13:15 +0200