Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 477
  • Last Modified:

SSH Query-why does it work?

I'm I real SSH newbie (even though i've been using it for years), but I can't work this out, I set up Putty years ago to access a remote Ubuntu box from Windows.
I do vaguely remember setting up the keys, but....anyway, I got a new laptop, downloaded the putty.exe file, fired it up with the target remote IP, and I got in (well, usual uname/pwd challenge). How can that be without without the public key? I'm sure I didn't copy any key files over.
0
Silas2
Asked:
Silas2
  • 2
  • 2
2 Solutions
 
woolmilkporcCommented:
The remote ssh server allows by default logging in via username/passeword.

To disallow this it must be explicitly turned off in sshd_config.
0
 
Silas2Author Commented:
But, scuse my ignorance, but without a public key what make the connection remotely secure? It'll just be plain text won't it
0
 
woolmilkporcCommented:
All ssh communication is encrypted, regardless of the authentication method used, and so is the password. It cannot be "seen" in clear text.

See "man ssh", e.g. here: http://www.openssh.org/cgi-bin/man.cgi?query=ssh&sektion=1&arch=&apropos=0&manpath=OpenBSD+Current

All authentication methods are described in detail there, in the "AUTHENTICATION" paragraph.
0
 
MiftaulCommented:
When client sends the SSH to port 22 of server, the Server sends the required key to the client. Here is a good explanation - Link
0
 
Silas2Author Commented:
Ah, the penny drops, its public/private key but the server issues the public key like a private 'Verisign' which I trust because I'm connecting explicitly to that server IP.
0

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now