crosscompute-audio/video




Pay Notebook Creator: Salah Ahmed0
Set Container: Numerical CPU with TINY Memory for 10 Minutes 0
Total0

SSH authentication

Creating a public/private key pair

ssh-keygen -b 4096 -t rsa
# press enter

in your ~/.ssh folder you should see id_rsa and id_rsa.pub, which are your private and public keys respectively

Authenticating with public and private keys

in a remote machine add your public key (id_rsa.pub) to the remote machine's ~/.ssh/authenticated_users file

in your local machine run

ssh -i ~/.ssh/id_rsa username@ip-address

Disable Password Authentication in remote machine

in the remote machine's /etc/sshd/sshd_config file, change

PasswordAuthentication yes

to

PasswordAuthentication no

Adding a ssh config file for easier log ins

In your local machine's ~/.ssh/config file, add the following

Host my_remote
    User username
    HostName ip-address
    IdentityFile ~/.ssh/id_rsa

Now you can connect by running

ssh my_remote

Asymmetric Encryption

Asymmetric encryption is encryption that deals with public and private keys,

They are computationally intensive but do not require a secure connection to exchange "keys", and so they are used primarily as authentication (in SSH)

The general idea is that Bob has a public key known to everybody, and so Alice would encrypt her messsage with bob's public key and send that to Bob.

If an intruder were to pick up the encrypted message, they would need Bob's private key to decrypt, which only Bob has

The important principle in all asymmetric schemes is the "one-way function", which states:

  1. y = f(x) is computationally easy
  2. x = f<sup>-1</sup>(y) is computationally infeasible

<img src="https://c1.staticflickr.com/1/418/18626777534_fc5524c031_o.gif"&gt;

For authentication purposes Bob would send a challenge to alice using Alice's public key and a random number,

Alice would decrypt the encrypted number using the private key, yielding the original number

Alice would encrypt the number using an md5 hash

Bob would encrypt the original number using same hash

if the Alice's hashed number is the same as Bob's resulting hash, then Alice has authenticated herself

Hashing in Python

In [24]:
import hashlib
import hmac
import random
import sha
import string


def random_string(length):
    return ''.join([random.choice(string.ascii_letters + string.digits) 
                    for x in range(length)])


m = 'i love pie'
em_md5 = hashlib.md5(message).hexdigest()
z = 'i love pies'
ez_md5 = hashlib.md5(z).hexdigest()
print('md5: "%s"  = %s' % (m, em_md5))
print('md5: "%s" = %s' % (z, ez_md5))

e = sha.new(m)
e_sha = e.hexdigest()

salt = random_string(20)
print('salt = %s' % salt)
e = hmac.new(salt, m)
e_hmac = e.hexdigest()
print('hmac: "%s"  = %s' % (m, e_hmac))
print('hmac: "%s" = %s' % (z, e_hmac))

md5: "i love pie"  = 917aaaef7cf28b4a316d23caf1edfecc
md5: "i love pies" = 2009dae57c484738bc34ec9278fd817c
salt = iRCCcw01H0QyDcM5XG8l
hmac: "i love pie"  = c83015b1c4d14ccb82d2d08a20e93569
hmac: "i love pies" = c83015b1c4d14ccb82d2d08a20e93569

hmac

hmac uses a private "salt" that it includes in algorithm to further protect against intruders

Notebook Creator Notebook Created Notebook Contents