Y. Ali, S.W. Smith
"Flexible and Scalable Public Key Security for SSH."
Public Key Infrastructure: EuroPKI 2004.
Springer-Verlag LNCS 3093. 43--56. June 2004.
Imposing a traditional X.509 PKI on all SSH servers and clients is neither flexible nor scalable nor (in the foreseeable future) practical. Requiring extensive work or an SSL server at Bob's site is also not practical for many users.
This paper presents our experiences designing and implementing an alternative scheme that solves the public-key security problem in SSH without requiring such an a priori universal trust structure or extensive sysadmin work---although it does require a modified SSH client. (The code is available for public download.)
|Back to home page||Maintained by Sean Smith, email@example.com|