Timeline for SSH authentication by public key and password in the same time
Current License: CC BY-SA 3.0
8 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| S Jan 10, 2017 at 12:14 | history | suggested | рüффп | CC BY-SA 3.0 | corrected typos, improved formatting |
| Jan 10, 2017 at 12:00 | review | Suggested edits | |||
| S Jan 10, 2017 at 12:14 | |||||
| Nov 8, 2013 at 8:57 | comment | added | рüффп | "So the key you generate on your local machine can have (and does by default) a password to decrepit it" --> I guess you are talking about the passphrase here. I made the distinction between password (to connect to the remote server) and the passphrase (to enable key extraction). | |
| Nov 8, 2013 at 8:55 | comment | added | рüффп | "I STRONGLY (and I can't make that bold enough). Suggest you allow only PublicKey based authentication for any ssh servers that you have running on the internet." --> unfortunately it is not my responsibility to choose what method, it is external providers sFTP who choose what is the best for them and we have to fit their choices. Some providers also have firewall rules to enable only our (and others authorized companies) IP(s). | |
| Nov 7, 2013 at 17:57 | history | edited | coteyr | CC BY-SA 3.0 | deleted 27 characters in body |
| Nov 7, 2013 at 17:57 | comment | added | coteyr | You are correct, updating answer. | |
| Nov 7, 2013 at 17:36 | comment | added | doneal24 | You might want to double-check the "in the clear" statement. RFC 4253 (among others) state that the two systems involved in an ssh connection first exchange identification strings. Immediately afterwards they exchange keys and an encryption algorithm and key will be negotiated during the key exchange. When encryption is in effect, all packet payloads must be encrypted. All this happens before you ever see a login: prompt. | |
| Nov 7, 2013 at 15:46 | history | answered | coteyr | CC BY-SA 3.0 |