13,420
edits
Changes
no edit summary
In this part of the lab you established an ssh connection to another host using a password to establish your identity. But passwords are not the only or even the best way of authenticating your identity. We can also use Public/Private key encryption.
'''Public Key authentication''' is a method of establishing identity using a '''pair of encryption keys that are designed to work together'''. One key is known as your '''private key ''' (which as the name suggests should remain private and protected) and the other is known as the '''public key. ''' (which as the name suggests can be freely distributed) The keys are designed to work together to encrypt data asymmetrically, that is to say that when we '''encrypt data with one of the keys it can only be decrypted with the other key ''' from the pair. This means that when we connect, ssh can use the private key that only exists on my system in my account, to encrypt a message. That message can be decrypted by anybody with the corresponding public key. While it doesn't mean the message is <u>secure </u> as anybody could decrypt it with the public key, it does establish my <u>identity</u>, if the host can successfully decrypt the message then it must have come from the one person in possession of the private key. This basic method of authentication is used extensively in many network communications protocols that require the ability to authenticate identity.
<ol>
<livalue="10">Start by generating a keypair as your learn account on centos2 using the command:<br /><code>ssh-keygen</code></li>
<li>That should generate output similar to the following:</li>
</ol>