version 1.101, 2001/04/05 15:45:43 |
version 1.102, 2001/04/10 09:13:22 |
|
|
The public key method is similar to RSA authentication described |
The public key method is similar to RSA authentication described |
in the previous section except that the DSA or RSA algorithm is used |
in the previous section except that the DSA or RSA algorithm is used |
instead. |
instead. |
The client uses his private key |
The client uses his private key, |
.Pa $HOME/.ssh/id_dsa |
.Pa $HOME/.ssh/id_dsa |
|
or |
|
.Pa $HOME/.ssh/id_rsa , |
to sign the session identifier and sends the result to the server. |
to sign the session identifier and sends the result to the server. |
The server checks whether the matching public key is listed in |
The server checks whether the matching public key is listed in |
.Pa $HOME/.ssh/authorized_keys2 |
.Pa $HOME/.ssh/authorized_keys2 |
|
|
for protocol version 2). |
for protocol version 2). |
See |
See |
.Xr sshd 8 . |
.Xr sshd 8 . |
.It Pa $HOME/.ssh/identity, $HOME/.ssh/id_dsa |
.It Pa $HOME/.ssh/identity, $HOME/.ssh/id_dsa, $HOME/.ssh/id_rsa |
Contains the RSA and the DSA authentication identity of the user. |
Contains the authentication identity of the user. |
|
They are for protocol 1 RSA, protocol 2 DSA, and protocol 2 RSA, respectively. |
These files |
These files |
contain sensitive data and should be readable by the user but not |
contain sensitive data and should be readable by the user but not |
accessible by others (read/write/execute). |
accessible by others (read/write/execute). |
|
|
It is possible to specify a passphrase when |
It is possible to specify a passphrase when |
generating the key; the passphrase will be used to encrypt the |
generating the key; the passphrase will be used to encrypt the |
sensitive part of this file using 3DES. |
sensitive part of this file using 3DES. |
.It Pa $HOME/.ssh/identity.pub, $HOME/.ssh/id_dsa.pub |
.It Pa $HOME/.ssh/identity.pub, $HOME/.ssh/id_dsa.pub, $HOME/.ssh/id_rsa.pub |
Contains the public key for authentication (public part of the |
Contains the public key for authentication (public part of the |
identity file in human-readable form). |
identity file in human-readable form). |
The contents of the |
The contents of the |
|
|
file should be added to |
file should be added to |
.Pa $HOME/.ssh/authorized_keys |
.Pa $HOME/.ssh/authorized_keys |
on all machines |
on all machines |
where you wish to log in using RSA authentication. |
where you wish to log in using protocol version 1 RSA authentication. |
The contents of the |
The contents of the |
.Pa $HOME/.ssh/id_dsa.pub |
.Pa $HOME/.ssh/id_dsa.pub |
|
and |
|
.Pa $HOME/.ssh/id_rsa.pub |
file should be added to |
file should be added to |
.Pa $HOME/.ssh/authorized_keys2 |
.Pa $HOME/.ssh/authorized_keys2 |
on all machines |
on all machines |
where you wish to log in using DSA authentication. |
where you wish to log in using protocol version 2 DSA/RSA authentication. |
These files are not |
These files are not |
sensitive and can (but need not) be readable by anyone. |
sensitive and can (but need not) be readable by anyone. |
These files are |
These files are |