ssh_keys

Differences

This shows you the differences between two versions of the page.

ssh_keys [2021/06/22 16:07] 134.190.232.18ssh_keys [2021/06/22 16:40] (current) 134.190.232.18
Line 34: Line 34:
 $ ssh-copy-id -i ~/.ssh/<id>_rsa.pub <user>@<hostname> $ ssh-copy-id -i ~/.ssh/<id>_rsa.pub <user>@<hostname>
 </code> </code>
 +
 +Of course not just anyone can transfer a Public Key to a remote. Before the transfer initiates, you will be asked to authenticate via your regular password. This should be the last time you are asked to provide your password when logging in to this particular remote!!
  
 This will add your Public Key to a list of Public Keys tracked by the remote in the ''~/.ssh/authorized_keys'' file on the remote's system. This will add your Public Key to a list of Public Keys tracked by the remote in the ''~/.ssh/authorized_keys'' file on the remote's system.
 +
 +You should now be able to login with SSH Keys as follows
 +
 +<code>
 +$ ssh -i ~/.ssh/<id>_rsa <user>@<hostname>
 +</code>
 +
 +If you have chosen to use a passphrase, you will be asked for that now. Et voila! You are now logged in a much more secure way! But why is this much more secure?
 +
 +===How SSH Keys work===
 +
 +The following is a gross oversimplification of what is actually happening behind the scenes but it gives you the gist.
 +
 +A Public Key **encrypts** data and a Private Key **decrypts** data. Within a SSH Key Pair, //only// the Private Key can decrypt data that has been encrypted with the associated Public Key. 
 +
 +A Private Key should NEVER leave your computer and must stay private. NEVER share it with anyone or send it over the internet in any way. A Public Key on the other hand you can distribute freely.
 +
 +When you attempt to login to a remote, the remote will take a randomly generated number and encrypt it with the Public Key that is associated with your account. It will then send that encrypted number over the network to your machine and asks you if you can decrypt it. If you can, that means that you are in possession of the associated Private Key, and hence you prove that you are you. 
 +
 +This is more secure compared to the traditional password system because only encrypted data is sent over the network instead of a plain password, and the randomly generated number is different each SSH session.
 +
 +
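Review bot: The added "How SSH Keys work" section describes login as the remote encrypting a random number with the Public Key and your machine decrypting it, which is not how current SSH (protocol version 2) public key authentication works: the client signs data tied to the current session with the Private Key, and the remote verifies that signature against the Public Key stored in ''~/.ssh/authorized_keys''. Even under the "gross oversimplification" caveat, I would reword the "**encrypts**"/"**decrypts**" paragraph and the random-number paragraph in terms of signing and verifying, since "you prove that you are you" and "different each SSH session" still hold in that form. The closing paragraph also contrasts keys with "a plain password" sent over the network; SSH password logins travel inside the encrypted connection too, so the stronger argument is the one the section already makes elsewhere, that the Private Key never leaves your computer and the remote only ever holds the Public Key. Minor style points: "as follows" before the ''ssh -i'' example should end with a colon, and the "!!" after "this particular remote" can be a single period.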
ssh_keys.1624388845.txt.gz · Last modified: by 134.190.232.18