Tyne

出自 女性百科
於 2013年1月9日 (三) 14:14 由 Tyne (對話 | 貢獻) 所做的修訂 (新页面: SSH is just a common system allowing a shell (command interpreter) to be properly used over a secure connection. By protected, here, I am talking about that the bond is protected, authent...)

(差異) ←上個修訂 | 最新修訂 (差異) | 下個修訂→ (差異)
前往: 導覽搜尋

SSH is just a common system allowing a shell (command interpreter) to be properly used over a secure connection. By protected, here, I am talking about that the bond is protected, authenticated and ethics tested. The encryption prevents enemies studying the contents of the data being transmitted, the certification allows both the customer and the machine to make sure that they are attached to the other, and not with a intermediate process in a man-in-the-middle strike, and the integrity checking guarantees that the data isn't being changed during transit. Together, these three features provide a secure relationship. 

Windows Committed Server � Praterwiki

Even so, the password based login function transmits your password through this link, to the remote host, where it's hashed and compared with the stored value in the password file. To a lot of, although the bond is protected, this is simply not acceptable. SSH allows the utilization of public key authentication to login to a server. Here, you publish your public key to the machine, and keep your private key on your client device, optionally password protected in order that there is no-one to steal your private key file and use it to achieve access without a password.

Now, if the SSH link is established, the server will need to always check the validation of the client; that is, make sure it's you logging in. This was formerly done by seeking your password, and comparing it against the stored password hash. Now, the server encrypts a randomly generated symbol against your public key, and sends this for your requirements. The private key connected with your public key, stored in a record to which only you've access, either by password protection, filesystem permissions and other means, may be the only key in a position to decrypt this message. Now, your SSH client will decrypt the message and send it back once again to it is compared by the server, which against the original price. In fact, the authentication is usually also checked in the other direction, using the servers public key, which might be located by the customer. It allows you access, once the server knows you contain the private key which corresponds to people key.

So, you might ask, what's the safety benefit here? Well, no secret information has been sent. You are no longer transmitting a password, or are you transmitting all of your private key file. You are utilising the keys to decrypt and encrypt an item of time is worked one by random data, which only. Anyone who did somehow find a way to listen in on this data flow wouldn't be able to restore access by playing back your code, or even by playing back the same data exchange, as a different value would be secured the next time you login, and only the personal key itself can decrypt that.

Public Key authentication is supported in OpenSSH, and also in PuTTY and a great many other SSH programs. Examine your methods documentation for precisely how exactly to use public-key based logins.

取自 "https://www.8beauty.com/wiki/index.php?title=Tyne&oldid=19976"