You are not logged in.
- Topics: Active | Unanswered
#1 2011-11-27 19:58:10
- FathisAeril
- Member
- Registered: 2010-07-02
- Posts: 82
[Solved] SSH Pub/Priv key question
Hey guys, random question of the day time I guess haha.
I have a server at home that I use as a file server, and soon, a webserver. Haven't done outside access before on it but I just wanted to clarify one thing before I started. I dualboot Win7 and Arch, with Putty and FileZilla on the Win7 side to handle SFTP/SSH access. If I dont use the Public/Private key setup on the win7 side, and just tell it to connect with a username and password. Does SSH still encrypt the traffic? Or is then the username and password and all data sent over that connection, publicly viewable for anyone who's trying to listen in?
More of a curiousity question than anything else, Not really a security nutjob, but I do like encrypting as much of my traffic as I can with how much packet sniffers and the likes have spread in recent years
Last edited by FathisAeril (2011-11-28 04:13:22)
It doesn't matter how much training you have. A broken rib is still a broken rib.
Offline
#2 2011-11-27 21:56:55
- /dev/zero
- Member
- From: Melbourne, Australia
- Registered: 2011-10-20
- Posts: 1,247
Re: [Solved] SSH Pub/Priv key question
If I understand your question, ssh only uses the key pairs for authentication. Regardless of your authentication method, ssh always encrypts everything (or else there would be no point).
Edit: in other words, I think you're getting your Transport and Authentication layers confused. See RFC 4251: SSH Protocol Architecture (Introduction).
Last edited by /dev/zero (2011-11-27 22:18:07)
Offline
#3 2011-11-28 02:06:17
- FathisAeril
- Member
- Registered: 2010-07-02
- Posts: 82
Re: [Solved] SSH Pub/Priv key question
Thanks Dev Zero, yeah that was really just the question of encryption. And It wasnt so much I was getting them mixed up; I just didnt know if the key pairs at the authentication level, was a prereq to the encryption at the transport layer or if they were handled seperately
It doesn't matter how much training you have. A broken rib is still a broken rib.
Offline
#4 2011-11-28 02:16:43
- /dev/zero
- Member
- From: Melbourne, Australia
- Registered: 2011-10-20
- Posts: 1,247
Re: [Solved] SSH Pub/Priv key question
Nah, the spec says authentication happens over the transport layer, implying encryption all the way.
Solved? :-)
Last edited by /dev/zero (2011-11-28 02:23:25)
Offline
#5 2011-11-28 04:12:55
- FathisAeril
- Member
- Registered: 2010-07-02
- Posts: 82
Re: [Solved] SSH Pub/Priv key question
Mhmm, thanks for the quick replies.
Thread marked.
It doesn't matter how much training you have. A broken rib is still a broken rib.
Offline