Bill - WA7NWP wrote:
Suppose I captured all the packets of a SSH encrypted exchange. Would it be possible to decode the contents of the exchange IF one had both the public and private keys?
If you published both, then yes, you could decrypt the exchange I believe. That's not what you want to do generally, since it negates the whole purpose of using it. With both keys public knowledge, then anyone could fake a session using them.
What was being discussed (I thought) was having the public key public and the private key, well, private. If you do a digital signature on packet/SSH rather then encryption by making a hash of the contents of the packet and encrypting it with your private key, then anyone can decrypt the hash to verify it came from the private key in question, but no one can duplicate it for any arbitrary packet.
This should be fine on two counts. a) The hash can be decrypted with a known key, and b) The contents of the hash can be computed by running the hash algorithm over the information in question. This is in fact how you verify the information: you compute the hash yourself, decrypt the one signed by the public key, and verify they are identical.
Bob N2KGO - To unsubscribe from this list: send the line "unsubscribe linux-hams" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
