388f343b |
1 | \versionid $Id: pubkey.but,v 1.3 2001/06/15 19:31:10 simon Exp $ |
024f5783 |
2 | |
3 | \# FIXME: passphrases, examples (e.g what does a key for pasting into |
4 | \# authorized_keys look like?), index entries, links. |
5 | |
e5b0d077 |
6 | \C{pubkey} Using public keys for SSH authentication |
7 | |
024f5783 |
8 | \H{pubkey-intro} Public key authentication - an introduction |
9 | |
388f343b |
10 | Public key authentication is an alternative means of identifying |
11 | yourself to a login server, instead of typing a password. It is more |
12 | secure and more flexible, but more difficult to set up. |
13 | |
14 | In conventional password authentication, you prove you are who you |
15 | claim to be by proving that you know the correct password. The only |
16 | way to prove you know the password is to tell the server what you |
17 | think the password is. This means that if the server has been |
18 | hacked, or \e{spoofed} (see \k{gs-hostkey}), an attacker can learn |
19 | your password. |
20 | |
21 | Public key authentication solves this problem. You generate a \e{key |
22 | pair}, consisting of a public key (which everybody is allowed to |
23 | know) and a private key (which you keep secret and do not give to |
24 | anybody). The private key is able to generate \e{signatures}. |
25 |