Public-private Key | IPSURE (Hands-On)

Chrooted SFTP with Public Key Authentication

Filed under: *NIX, PKI — Tags: chroot, data encryption, public-private key, secure file transfer, SFTP, SSH — Sezgin Bayrak @ 10:59

Keep Out Strategy Regarding the data transfer security, there are more concerns beyond the authentication weaknesses or the misuse of authorization. Whether it’s wired or wireless, your transmission environment is more likely to be under a packet sniffing threat than you suppose, especially if ever the data you transfer start to possess a great commercial value as you grow up your business. When planning a secure transfer policy for your network, just focusing on the initiation stages at checkpoints where the authentication and authorization processes are taking place, may lead you to not to take into consideration that the data themselves may also include set of clear text authentication schema(s) inside. In such a case, you’d be only hardening the gates with “keep out“ strategy rather than protecting the data on their way. Therefore, data encryption is essential necessity in any kind of corporate environment.

more

SSH Public Key (/w RSA) Authentication and SSH Tunneling – Part 1

Filed under: PKI — Tags: authentication, cryptography, openssh, public-private key, RSA, SecureCRT, SSH tunneling, ssh2 — Sezgin Bayrak @ 23:04

Unix server shell We can say that the primary advantage of the public key authentication is a higher level of security being provided as it doesn’t need a password input that will be transferred over the network and as the “private” one which constitutes the public-private key pair doesn’t need to be transferred or revealed to remote site or a 3rd party during the authentication process or in any time period.

more

12/10/2010

Chrooted SFTP with Public Key Authentication

02/03/2010

SSH Public Key (/w RSA) Authentication and SSH Tunneling – Part 1