Solaris 8 x86 rsa pubkey auth problem
Mikhail Manuylov
mikhail.manuilov at gmail.com
Thu May 4 20:53:18 EST 2006
On 5/4/06, Peter Stuge <stuge-openssh-unix-dev at cdy.org> wrote:
> On Thu, May 04, 2006 at 01:40:06PM +0400, Mikhail Manuylov wrote:
> > 1) I can't find where in ssh(1) this feature is mentioned.
>
> Look under FILES.
I see only files description. But there's no mention that keeping
public key among with private on authenticating side will make things
simplier and faster if you use non empty passphrase.
>
>
> > 2) Is there method to check if particular public key is from one
> > pair with user (-i option) supplied private key.
>
> Not without decrypting the private key, which requires the user to
> type the passphrase.
But what if passphrase is empty? Now we can that check public key. Yes
I'm trying to develop a crock, but if someone will shoot himself in a
foot like me?
>
>
> > Cause 100% guessing <private_key_filename>.pub for corresponding
> > pubkey file is somewhat naive.
>
> The server decides if the chosen privat key authenticates the user.
>
> The user (or administrator) controls filenames.
>
> ssh can't do much to change either..
Ok ssh can't but if after pubkey and signature stuff fails we can
offer client a try with sign and send of private key?
>
>
> > BTW, please CC me, cause I'm not subscribed to the list.
>
> Sorry, didn't know that - otherwise I would've done so before too.
That's ok, it was my fault.
>
>
> //Peter
>
--
Truly yours, Mikhail Manuilov
More information about the openssh-unix-dev
mailing list