Key Management
On Unix-like systems, the list of authorized keys is stored in the home directory of the user that is allowed to log in remotely, in the file ~/.ssh/authorized_keys. This file is only respected by ssh if it is not writable by anything apart from the owner and root. When the public key is present on one side and the matching private key is present on another side, typing in the password is no longer required (some software like MPI stack may need this password-less access to run properly). However, for additional security the private key itself can be locked with a passphrase.
The private key can also be looked for in standard places, but its full path can also be specified as a command line setting (the switch -i for ssh). The ssh-keygen utility produces the public and private keys, always in pairs.
SSH also supports password-based authentication that is encrypted by automatically generated keys. In this case the attacker could imitate the legitimate side, ask for the password and obtain it (man-in-the-middle attack). However this is only possible if the two sides have never authenticated before, as SSH remembers the key that the remote side once used. Password authentication can be disabled.
Read more about this topic: Secure Shell
Famous quotes containing the words key and/or management:
“Power, in Cases world, meant corporate power. The zaibatsus, the multinationals ..., had ... attained a kind of immortality. You couldnt kill a zaibatsu by assassinating a dozen key executives; there were others waiting to step up the ladder; assume the vacated position, access the vast banks of corporate memory.”
—William Gibson (b. 1948)
“This we take it is the grand characteristic of our age. By our skill in Mechanism, it has come to pass, that in the management of external things we excel all other ages; while in whatever respects the pure moral nature, in true dignity of soul and character, we are perhaps inferior to most civilised ages.”
—Thomas Carlyle (17951881)