I plan to put a SSH server on microcontroller devices. There shall be many devices distributed in a wide range.
The indentity of the server is checked with the server key. The server needs to store the private key to allow the authentication. When I copy the private key to all microcontrollers I have to generate the private key elsewhere (e.g. at my PC). This copy of the private key can be thieved.
It would be more secure when the server generates a key pair and the private key will never be copied from the microcontroller.
- How can I check that I am connected to a server and not to a man in the middle?
- How should I distribute this information to all clients?
The server should work standalone without a hierarchical trust infrastructure?
Aucun commentaire:
Enregistrer un commentaire