SSH KEYS - Explained in Detail

-

SSH keys are the set of security keys that covers your data from the trespassers. These keys work on the most effective authentication systems and require passwords to unlock and allow one access to use the information secured. SSH stands for Secure Socket Shell, in a simple language it is also known as Secure Shell.

SSH keys are two keys basically, paired together, namely - a public key and a private key. A private key is owned by the officials and the public key is familiar to everyone. The credentials to access the private keys are only given when required and needed. These keys are available in different sizes and different types.




HISTORY -

SSH keys were created in 1995 by Tatu Ylonen. He felt the need to come up with a better security network system because a lot of cybercrimes were being observed at that time and that is how SSH keys were made, with the concept of providing access to the data through username and password, and the one with correct credentials and identity can get the permission. 


The key pairs are also used for other tasks as well other than security and they are - managing networks, operating systems, and configurations.


WORKING -

SSH keys work by following the mechanism of the resemblance of passwords. It is actually a client-based server working mechanism. There are two working phases of SSH Keys and they are :


Phase 1 - Shared Secret Generation 

In the very first phase, both the parties client end, and the server end agree to the protocol and the procedure, thus starts with encryption. After which a public key is shared with the client and a session key is shared b/w both the parties to carry the session.


Phase 2 - Authentication of the client

Server authentication takes place hereafter the client receives the encrypted password and SSH keys come into play.


GENERATING SSH KEYS -

A specific command called ssh-keygen is used to generate the keys. Once the command is created, you can generate your pair of keys after you answer some of the questions. 


SSH keys are securely stored at ~ /.ssh directory, if the user doesn’t have the directory, the ssh-keygen command creates it for the user with correct permissions.

Comments

Post a Comment

Popular posts from this blog

Secure Your Data From Hacker With RBAC System

-
The role based access control system is a secure security approach that helps to protect your business sensitive data from cyber hackers. It is an authorized and restricted cyber security system that gives access data to users that is based on their roles within an organization. It is based on the concept of roles and privileges. The data using the access system is dependent upon authority, competency, and responsibilities.
Read more

Security of Zero Trust Model in Business Infrastructure

-
The Zero Trust Mode l is a cybersecurity approach that assumes no trust by default, both inside and outside a corporate network. This means that every user, device, and application trying to access resources on a private network must be verified and authenticated, regardless of their location or network environment. The model challenges the traditional notion of "trust but verify" by implementing strict access controls and continuous verification processes. 
Read more

Zero Trust vs. Traditional Security: The Power of Automation and AI in Modern Cybersecurity

-
Image
The Zero Trust Model has emerged as a powerful alternative to traditional security models in the ever-evolving cybersecurity landscape. It challenges the long-standing notion of Trust within a network and offers a more proactive, comprehensive approach to safeguarding sensitive data.  This article conducts a comparative analysis of Zero Trust and traditional security models, shedding light on what sets Zero Trust apart and why it is gaining momentum. Traditional Security: The Perimeter Defense Paradigm The idea of a network perimeter has long been a cornerstone of conventional security approaches. Trust is often assumed inside the network, while external entities are treated as potential threats. Critical characteristics of traditional security include: Firewalls and Intrusion Detection Systems (IDS) - They serve as a perimeter defense and stop unlawful entry. To identify insider risks, though, they might have trouble. VPN and Network Segmentation -   These technologies crea...
Read more