John-Mark,
Thanks. It's working, and now I have a better understanding.
I was not sure if "Thanks" replies were preferred. They can clutter up
conversations and mailing lists.
Scott Weber
Scotty2540_at_gmail.com
On Mon, Dec 28, 2020 at 4:12 PM John-Mark Gurney <jmg_at_funkthat.com> wrote:
> Scott Weber wrote this message on Mon, Dec 28, 2020 at 09:15 -0600:
> > First correct me if I'm wrong, but the protocol seems to use a PKI, but
> not
> > certificates. So the public/private exchange is used to generate the
> > symmetric key, like SSL, but there is no requirement for a CA.
>
> Correct, the host has a public/private key pair, and the user MAY have
> a key pair for authentication as well...
>
> > Now connecting as a client, the
> > function libssh2_userauth_publickey_fromfile(...)
> > requires BOTH the public and private key.
> > Why?
> > Having both keys out in the wild seems to be a serious security risk.
>
> This is the user's key... The key maybe encrypted, which is why the
> passphrase is an argument. If the client doesn't have access to the
> user's private key, it cannot sign a statement that the server uses to
> verify the public key in .ssh/authorized_keys file...
>
> Note: there is a mode that allows a CA to sign certs that can be used,
> but it is not commonly used, but does have some interesting improvements
> security wise.
>
> > Also, I've done some testing, and it appears that only the private key is
> > needed. I can NULL out the public key. (and yet the function name is "
> > ... publickey_fromfile" )
> > Again, why?
>
> Also, I'm looking at the man page, and I believe that this doc is wrong
> (from docs/libssh2_userauth_password_ex.3):
> publickey - Path name of the public key file.
> (e.g.
> /etc/ssh/hostkey.pub). If libssh2 is built against OpenSSL, this
> option
> can be set to NULL.
>
> privatekey - Path name of the private key file. (e.g.
> /etc/ssh/hostkey)
>
> those e.g. should be ~/.ssh/id_rsa.pub and ~/.ssh/id_rsa.. Though it
> could be other names as well..
>
> The likely reason the public key can be NULL'd out is that the private key
> either contains the public key, or the public key can easily be derived
> from the private key (and it is often safest to do so)...
>
> > I have both keys also on the linux server, but it appears (via the conf)
> > that the server only uses the public key.
> > It would seem that putting the public key "out in the wild" and keeping
> the
> > private key on the server is the normal step, at least when creating SSL
> > handshakes.
>
> I think you may have been confused by the above docs, but you are correct
> that the host private key should NOT be used, and even if you did, it
> would not work...
>
> > Would it function if I placed the private key in the authorized_keys file
> > on the server, and used the public key on the client?
>
> No, it would not.
>
> Hope this helps.
>
> --
> John-Mark Gurney Voice: +1 415 225 5579
>
> "All that I will do, has been done, All that I have, has not."
> _______________________________________________
> libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
>
_______________________________________________
libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2021-01-07