New snapshot
Gert Doering
gert at greenie.muc.de
Fri Nov 17 18:35:40 EST 2000
Hi,
On Thu, Nov 16, 2000 at 07:05:29PM +0100, Markus Friedl wrote:
> > Hmmm. How does ssh1 signature operations? (I'm asking because I'm
> > curious).
>
> SSH1 does encryption with RSA keys, there are no signature
> operations in SSH1. basically, the client generated
> a random session key. this key is encrypted with both the
> host and the server key and sent back to the client.
>
> in SSH2 the private keys (DSA or RSA) are used to sign
> a value derived from the session id.
Thanks for explaining.
> so it's encryption vs. signing with the same keys.
Could anyone send me a pointer where to read up why this is "bad"? I know
(mostly) how public key crypto works, but haven't yet understood these
small bits - I've seen that a few people have separate PGP keys for "sign"
and "crypt", but didn't understnad that either.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert.doering at physik.tu-muenchen.de
More information about the openssh-unix-dev
mailing list