I plan to put an SSH server on micro-controller devices. There shall be many devices distributed in a wide range.
The identity of the server is checked with the server key. The server needs to store the private key to allow the authentication. When I copy the private key to all micro-controllers I have to generate the private key elsewhere (e.g. at my PC). This copy of the private key can be thieved.
It would be more secure when the server generates a key pair and the private key will never be copied from the micro-controller.
- How can I check that I am connected to a server and not to a man in the middle?
- How should I distribute this information to all clients?
The server should work standalone without a hierarchical trust infrastructure.
Aucun commentaire:
Enregistrer un commentaire