Why does SSH work with no PKI and no shared secret?
Posted on 2011-09-10
The theory behind secure protocols is - as I understand it - that they rely on symmetric or asymmetric keys. Either a shared secret or a private/public key pair. So a question I've had in the back of my mind for some time is: How is it I can setup a router or firewall and enable ssh on the device and in the next moment SSH to the device from my workstation? No Certificate Authority has been setup, and clearly I never entered a shared key on my ssh client nor at the router/firewall. Is the router just acting as its own CA? Is putty or other just sending out some default public key and somewhere along the install created a private key? It all seems to work as seamlessly as telnet. But how?? Thanks!