gnumed-devel

Re: [Gnumed-devel] Re: New public server up and ready for more GnuMeddin


From: Karsten Hilbert
Subject: Re: [Gnumed-devel] Re: New public server up and ready for more GnuMedding...
Date: Wed, 29 Dec 2004 17:30:30 +0100
User-agent: Mutt/1.3.22.1i

Jim,

> Some months ago I generated a key pair and uploaded the public part 
> to Savannah but had not as yet needed to use it. In the time that has 
> since passed, I cannot even remember what I used for the password. 
> Will I need to "know" that password, or is it needed only temporarily 
> to generate the key pair?
Yes, every time you need to "unlock" your local private key
corresponding to the remote public key you will need to know
the passphrase (unless you didn't use a passphrase).

> If in future I get to the point of being comfortable modifying 
> anything appropriately within the TWiki directory and so try to 
> connect via SSH, how does my private key get offered to Carlos's 
> server - does this happen automatically so long as my private key 
> file id_dsa continues to be kept in my "user" ("jb") home directory? 
Your private key lives in your homedir on your local
machine in ~/.ssh/id_dsa.
Your public key lives in your homedir on Carlos'
server in ~/.ssh/authorized_keys.

When you connect via SSH to Carlos' server that server will
use its copy of your public key to send a challenge to your
machine which can only be solved by using your private key.
Your local machine will ask you for the passphrase so it can
unlock your private key locally, solve the challenge and send
back the response to Carlos' machine. Only then will you be
granted access - and the data on the wire is encrypted, too,
with a symmetric session key.

> --- and if I should move the private key, do I get prompted to 
> provide the path/full file specification?
No, you then need to specify the path. That can be done in the
ssh config file (per host) or on the command line.

> Also, should I generate a *different* key pair from what I used on 
> Savannah,
Probably, yes.

> in which case how do I avoid the problem of duplicate names 
> --- or it is permissible to name it something other than id_dsa, for 
> example foo_dsa and foo_dsa.pub
Yes. This you need to specify when you generate the key pair.

>, i.e. the only requirement is that 
> the name parts preceding the ".pub" exactly match?
It doesn't have to match.

I usually use "id_dsa@<target designation>.pub".

Karsten
-- 
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD  4537 78B9 A9F9 E407 1346
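
The per-target key naming and per-host key selection discussed in this message, as an added example that is not part of the original e-mail. It uses an Ed25519 key rather than the thread's DSA, since recent OpenSSH releases have dropped DSA support; the host alias "wiki", the host name wiki.example.org, the user "jb" and the KEY_PASSPHRASE variable are constructed placeholders.

```shell
#!/usr/bin/env bash
# Added example. "wiki", wiki.example.org and "jb" are constructed placeholders.

# make_host_key DIR NAME HOSTNAME USER
# Creates DIR/id_ed25519@NAME (+ .pub) and a matching Host block in DIR/config.
# KEY_PASSPHRASE is read from the environment so the function can run
# unattended; interactively, drop -N and let ssh-keygen prompt instead.
make_host_key() {
    hk_dir=$1; hk_name=$2; hk_host=$3; hk_user=$4
    hk_key="$hk_dir/id_ed25519@$hk_name"
    mkdir -p "$hk_dir" && chmod 700 "$hk_dir" || return 1
    # -f sets the file name, so several key pairs can coexist in one directory
    ssh-keygen -q -t ed25519 -f "$hk_key" -N "$KEY_PASSPHRASE" \
        -C "$hk_user@$hk_name" </dev/null || return 1
    cat >> "$hk_dir/config" <<EOF
Host $hk_name
    HostName $hk_host
    User $hk_user
    IdentityFile $hk_key
    IdentitiesOnly yes
EOF
    chmod 600 "$hk_dir/config"
}

# resolved_identity DIR NAME
# Prints the private key ssh would offer for NAME, without connecting.
# (The command-line equivalent of the IdentityFile line is: ssh -i KEYFILE ...)
resolved_identity() {
    ssh -G -F "$1/config" "$2" | awk '$1 == "identityfile" { print $2; exit }'
}

# unlocks_with KEYFILE PASSPHRASE
# Succeeds only if PASSPHRASE decrypts the private key.
unlocks_with() {
    ssh-keygen -y -P "$2" -f "$1" </dev/null >/dev/null 2>&1
}
```

With DIR set to ~/.ssh the Host block lands in the default config file, and the contents of the generated .pub file are what gets appended to ~/.ssh/authorized_keys on the server.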



