[Previous entry: "Help Net Security - Articles - Commenting a firewall"] [Main Index] [Next entry: "Try this helpful workaround for a Linux/Win2K dual boot"]

07/29/2001 Archived Entry: "OpenSSH key management, Part 1"

developerWorks : Linux | Open source : Common threads -- OpenSSH key management, Part 1

Many of us use the excellent OpenSSH (see Resources later in this article) as a secure, encrypted replacement for the venerable telnet and rsh commands. One of OpenSSH's more intriguing features is its ability to authenticate users using the RSA and DSA authentication protocols, which are based on a pair of complementary numerical keys. As one of its main appeals, RSA and DSA authentication promise the capability of establishing connections to remote systems without supplying a password. While this is appealing, new OpenSSH users often configure RSA/DSA the quick and dirty way, resulting in passwordless logins, but opening up a big security hole in the process.