| 1 | \versionid $Id: pubkey.but,v 1.10 2001/11/25 17:32:39 simon Exp $ |
| 2 | |
| 3 | \# FIXME: passphrases, examples (e.g what does a key for pasting into |
| 4 | \# authorized_keys look like?), index entries, links. |
| 5 | |
| 6 | \C{pubkey} Using public keys for SSH authentication |
| 7 | |
| 8 | \H{pubkey-intro} Public key authentication - an introduction |
| 9 | |
| 10 | Public key authentication is an alternative means of identifying |
| 11 | yourself to a login server, instead of typing a password. It is more |
| 12 | secure and more flexible, but more difficult to set up. |
| 13 | |
| 14 | In conventional password authentication, you prove you are who you |
| 15 | claim to be by proving that you know the correct password. The only |
| 16 | way to prove you know the password is to tell the server what you |
| 17 | think the password is. This means that if the server has been |
| 18 | hacked, or \e{spoofed} (see \k{gs-hostkey}), an attacker can learn |
| 19 | your password. |
| 20 | |
| 21 | Public key authentication solves this problem. You generate a \e{key |
| 22 | pair}, consisting of a public key (which everybody is allowed to |
| 23 | know) and a private key (which you keep secret and do not give to |
| 24 | anybody). The private key is able to generate \e{signatures}. |
| 25 |