mercredi 11 février 2015

Management of server keys



I plan to put an SSH server on micro-controller devices. There shall be many devices distributed in a wide range.


The identity of the server is checked with the server key. The server needs to store the private key to allow the authentication. When I copy the private key to all micro-controllers I have to generate the private key elsewhere (e.g. at my PC). This copy of the private key can be thieved.


It would be more secure when the server generates a key pair and the private key will never be copied from the micro-controller.



  • How can I check that I am connected to a server and not to a man in the middle?

  • How should I distribute this information to all clients?


The server should work standalone without a hierarchical trust infrastructure.





Aucun commentaire:

Enregistrer un commentaire