Public Key Authentication


About

Public key authentication is an asymmetric authentication method where the public keys are used as authentication credentials for:

The server holds a list of public keys (known in SSH as the authorized keys) that lets it verify the identity of the client through digital signature verification.

Flow

Registration

The server needs the public key to verify the signature. The public key can be:

  • added by the administrator of the server in a public key store (generally known as the authorized keys)
  • requested during a registration process, where the client creates a keypair for the application and sends the public key back.

Sign-in

If the verification succeeds, the client is logged in.
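
The registration and sign-in steps above, as an added Go example (not code from this page, from SSH or from WebAuthn). It assumes a challenge-response sign-in in which the server sends a random one-time value and the client signs it; `Server`, `Register`, `Challenge` and `SignIn` are illustrative names, and Ed25519 is an arbitrary choice of signature algorithm.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

type Server struct {
	authorized map[string]ed25519.PublicKey // user -> registered (authorized) public key
	pending    map[string][]byte            // user -> one-time challenge awaiting a signature
}
func NewServer() *Server { return &Server{map[string]ed25519.PublicKey{}, map[string][]byte{}} }

// Register stores only the public key; the private key never leaves the client.
func (s *Server) Register(user string, pub ed25519.PublicKey) error {
	if len(pub) != ed25519.PublicKeySize {
		return errors.New("malformed public key")
	}
	s.authorized[user] = pub
	return nil
}

// Challenge issues a fresh random value that the client must sign.
func (s *Server) Challenge(user string) ([]byte, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	s.pending[user] = nonce
	return nonce, nil
}

// SignIn verifies the signature over the pending challenge with the registered key.
func (s *Server) SignIn(user string, sig []byte) bool {
	pub, known := s.authorized[user]
	nonce, issued := s.pending[user]
	delete(s.pending, user) // single use: a captured signature cannot be replayed
	return known && issued && ed25519.Verify(pub, nonce, sig)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // client creates the keypair
	srv := NewServer()
	_ = srv.Register("alice", pub)
	nonce, _ := srv.Challenge("alice")
	fmt.Println("signed in:", srv.SignIn("alice", ed25519.Sign(priv, nonce)))
}
```

The server never sees the private key: it only checks that the signature over its own challenge verifies under the registered public key.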

Key Glossary

Identity

The private key is the identity key.

It therefore needs to be stored and handled carefully, and no copies of the private key should be distributed. The private keys used for user authentication are called identity keys.

Authorized

For instance, if a server considers the key trustworthy, the server marks the key as authorized in its authorized_keys file.

Such keys are called authorized keys.

Storage

SSH - Authorized Keys

SSH stores the authorized public keys in the authorized_keys file.

WebAuthn

https://webauthn.guide/ - The Web Authentication API (also known as WebAuthn) allows servers to register and authenticate users using public key cryptography instead of a password.

Flow:

  • Client: I want to create a new account.
  • Server: Send me a public key.
  • Client: Create a new keypair and send the public key
  • Server: Registration complete

The creation of the keypair is generally done via a physical security key.

Note that WebAuthn is part of the FIDO2 framework, a set of technologies that enable passwordless authentication between servers, browsers, and authenticators.




