This week we don’t have a show topic, so instead just enjoy our ramblings about what we have been up to:
- Configure workgroup computers to speak to WSUS
- wauaclt /detectnow
- Mikrotik Routers
- 1 Port Adsl Router
- Postfix Mail Server
- “The Lone Sysadmin” blog
SSH / SCP / Public Private keys
Public key authentication is a key-based authentication method of authentication instead of using password authentication, which means you don’t have to give away system passwords to third parties.
Public key pair consists of two parts – a public key and private key. The private key sits on the device/server which you are connecting from (in my case the client/customers who are sending
files by FTP to my server).The public key from that client sits on my server and is assigned to users accounts who dial in to transfers their files. When the remote server connects it sends a message encrypted with the private key. My server decrypts the message with the public key to confirm the remote server is who it is saying it is and that the message which was sent was encrypted with the private key of the remote server.
The first time an SFTP client connects to an SFTP server, The SFTP server presents its SSH host key fingerprint before the Public Key authentication happens. Usually the SFTP application prompts the usages to save this fingerprint to a known host file. So that every time the SFTP clients connects to the SFTP server it compares this fingerprint with the fingerprint which the SFTP client sends. This confirms that SFTP client has connected to this SFTP server in the past and it knows to trust it. As some SFTP clients are automated processes they can’t automatically add the host fingerprint to its own host file. The client might request a copy of the host fingerprint so they can manually add it to their known host file.