×

Good News Everybody!

The new search engine is LIVE!

Please report any problems to david (at) midrange.com.



  1.  Home
  2. OPENSOURCE
  3. May 2024

Re: [IBMiOSS] Understanding SSH Key Pairs

On 5/26/2024 2:19 AM, Arnie Flangehead wrote:

I've read a couple of tutorials, but I'm stuck on the concept of public and
private keys.

Public and private keys are related by a complex mathematical equation.
You give your public key to everyone - you can even post it on your public web site.
You keep your private key as secret as humanly possible.

You encrypt with the other party's public key (thus the name public key encryption). They decrypt with the matching private key.

If you generate your private key from the public, what stops a baddy from
intercepting your public key and doing the same generation then
impersonating you?

You don't generate a private key from the public one - they are generated together, in one single mathematical operation. The math is one-directional; it is exceptionally difficult to work out what the private half of the key pair is when all you have is the public half, or a message encrypted with the public half. It also means that you can't decrypt a message that you yourself encrypted with their public key - you don't have their matching private key!

Do you get a different private key each time you generate from the public
key? Would this then be invalid for a connection you've used before? e.g.
If you test with one User Profile then switch to another.

You can only ever create a new pair of keys. You can't generate a new private half and keep the same public half. This would break the math that binds them.

One way to get some practise is to do all of the steps on systems that you control - your Windows PC and your IBM i server. https://ibmi-oss-docs.readthedocs.io/en/latest/user_setup/README.html?highlight=ssh

Step 6 in particular describes making a password-free SSH connexion between your PC and IBM i. But do read the whole thing before starting to execute any commands. The general idea of step 6 is that you will create a key pair on your PC, and a key pair on your IBM i, and exchange the PUBLIC key halves.

PuTTY on your PC and bash on your IBM i are super useful to become accustomed to!


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.