Thursday, March 29, 2012

OpenSSL and Key-Based Authentication

SSL stands for Secure Sockets Layer.

Applications

  1. Securing web transactions using Apache-SSL
  2. Securing user access for remote access to your Linux computer
  3. Securing VPN using OpenSSL-based tunneling
  4. Securing email service

Server Certificate

It is a body of data placed in a message to serve as proof of the authenticity of the sender. It contains encrypted information that associates a public key with the true identity of an individual server or other entity, known as the subject.

Role of the Server Certificate Authority

A Certificate Authority (CA) is a trusted organisation that issues certificates for both servers and clients. Suppose a client wants to access the company's extranet web server securely, so the client uses the HTTPS protocol to access the content of the web server.
The web browser now initiates an SSL connection request. The extranet web server uses its private key to encrypt the data and sends it to the client, who decrypts it using the public key of the web server. Since the public key is sent by the web server to the client browser, there is no way to know whether the public key is authentic. Here comes the role of the Certificate Authority.
The CA issues a server certificate signed by the CA's own public key. A genuine message from the web server contains this certificate. When the browser receives the server certificate, it decrypts the certificate information using the well-known public key of the CA. This ensures the server certificate is authentic. The browser can then verify that the domain name used in the authentic certificate is the same as the name of the server it is communicating with.

Generating a private key for the server

[root@server]# openssl genrsa -des3 -rand /dev/urandom -out www.domain.com.key 1024

Generating a Certificate Signing Request

[root@server]# openssl req -new -key www.domain.com.key -out www.domain.com.csr
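What happens to the CSR next, and the check the browser then performs, as an added example that is not part of the original post: a throwaway CA issues a certificate from the request, and a client-side check accepts it only when it chains to the trusted CA and carries the expected host name. The CA names, temporary directory layout, 2048-bit unencrypted keys and one-day validity are assumptions chosen so the script runs unattended.

```sh
#!/bin/sh
# Added example: a throwaway CA signs a CSR, then a client verifies the result.
# All names, paths and key sizes here are constructed for the demo.
set -eu

# Create a self-signed CA certificate and key in directory $1 with CN $2.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# Server side: private key and CSR for host name $2, written to directory $1.
# No -des3 here, so the key is unencrypted and no passphrase prompt appears.
make_csr() {
    openssl genrsa -out "$1/server.key" 2048 2>/dev/null
    openssl req -new -key "$1/server.key" -subj "/CN=$2" -out "$1/server.csr"
}

# CA side: issue server.crt in directory $1 from the CSR, signed with the
# key of the CA stored in directory $2.
sign_csr() {
    openssl x509 -req -in "$1/server.csr" -CA "$2/ca.crt" -CAkey "$2/ca.key" \
        -set_serial 1 -days 1 -out "$1/server.crt" 2>/dev/null
}

# Client side: succeed only if certificate $1 chains to trusted CA file $2
# and is valid for host name $3.
check_server_cert() {
    openssl verify -CAfile "$2" -verify_hostname "$3" "$1" 2>/dev/null |
        grep -q ': OK$'
}

demo() {
    d=$(mktemp -d)
    mkdir "$d/ca" "$d/rogue" "$d/srv"
    make_ca "$d/ca" "Demo Root CA"
    make_ca "$d/rogue" "Untrusted CA"
    make_csr "$d/srv" www.domain.com
    sign_csr "$d/srv" "$d/ca"
    for c in "ca www.domain.com" "rogue www.domain.com" "ca other.domain.com"; do
        set -- $c
        if check_server_cert "$d/srv/server.crt" "$d/$1/ca.crt" "$2"
        then echo "trusted CA: $1, expected host: $2 -> accepted"
        else echo "trusted CA: $1, expected host: $2 -> rejected"
        fi
    done
    rm -rf "$d"
}
demo
```

Only the first case is accepted; the same certificate is rejected when the client trusts a different CA or expects a different host name.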

OpenSSH 

All user passwords are stored in the /etc/shadow file on a Linux system instead of the /etc/passwd file.
SSH is used for secure login to systems and for executing commands on a remote system.
The package used is OpenSSH. The port it connects to is 22.

Its configuration file is /etc/ssh/sshd_config

Secure Shell allows us to authenticate using a public-private key scheme.

ssh-keygen is the command used to generate a key.

  # ssh-keygen -t rsa

This produces an RSA key for your machine, saved in /root/.ssh/id_rsa.

Copying the RSA key to the client that you want to connect to in future using key-based authentication

The keys are permanently added on the client side in the authorized_keys directory.

Connecting to the client

When the connection is made, it asks for the passphrase that was used when encrypting the key, in order to decrypt it.

Therefore, with key-based authentication no password is used; only decryption of the key takes place.


Thanks....................
