SSH: Private Key vs Public Key

Forum Moderators: phranque

Message Too Old, No Replies

SSH: Private Key vs Public Key

what's the difference?

jake66

8:36 pm on Jan 15, 2010 (gmt 0)

I wasn't sure where to post this, so if it's in the wrong forum; please move it (moderators).

I use SSH to login to my server. cPanel offers a public key & private key.

Which should I really be using to login?

I converted the "public" key to .ppk (for putty) -- is this insecure? Should I be using the "private" key?

What is the difference?

rocknbil

10:29 pm on Jan 15, 2010 (gmt 0)

The public key resides on your server. It is the "lock." If someone gets ahold of it, there's not a whole lot they could do with it.

The private key exists on your computer in a location known only two two elements: you and PuttY (or whatever program you use to SSH to the server.) When you log in, PuttY sends the private key, in combination with the passphrase, over a secure channel to connect with the public key. If it fits, it authenticates you.

If you are using cPanel or anything else, delete private key from the server after creation unless the app does it for you. The private key is to be guarded with your life. :-)

I'm no expert on SSH/GPG keys, but that is the vital info. I usually have an admin create the keys for me and set it up so I don't hose something up. :-)