diff options
author | Micah Anderson <micah@riseup.net> | 2008-08-18 21:06:24 -0400 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2008-08-18 21:06:24 -0400 |
commit | 6ac379bdd75617cfab19c3b175a2e10257444de3 (patch) | |
tree | 174a0b650b030fd1f0a43d7de4b87af81ac7e17c /website/index.mdwn | |
parent | 1c1d84bc446cc6d55ba4cd5efc7f5a6c3573fa93 (diff) | |
parent | f4d2a81d7fa375af270b95da25acea8b0a0150e5 (diff) |
Merge commit 'jrollins/master'
Diffstat (limited to 'website/index.mdwn')
-rw-r--r-- | website/index.mdwn | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/website/index.mdwn b/website/index.mdwn index 853c75b..6583e18 100644 --- a/website/index.mdwn +++ b/website/index.mdwn @@ -9,7 +9,7 @@ yourself and the servers you administer or connect to. OpenPGP keys are tracked via GnuPG, and managed in the `known_hosts` and `authorized_keys` files used by OpenSSH for connection authentication. -[[bugs]] | [[download]] | [[news]] | [[documentation|doc]] +[why?](/why) | [[bugs]] | [[download]] | [[news]] | [[documentation|doc]] ## Conceptual overview ## @@ -26,13 +26,14 @@ keys for authenticating to a server (known as "`PubkeyAuthentication`"), rather than relying on a password exchange. But again, the public part of the key needs to be transmitted to the server through a secure out-of-band channel (usually via a separate -password-based SSH connection) in order for this type of -authentication to work +password-based SSH connection or a (hopefully signed) e-mail to the +system administrator) in order for this type of authentication to +work. [OpenSSH](http://openssh.com/) currently provides a functional way to -managing the RSA and DSA keys required for these interactions through -the `known_hosts` and `authorized_keys` files. However, it lacks -any type of [Public Key Infrastructure +manage the RSA and DSA keys required for these interactions through +the `known_hosts` and `authorized_keys` files. However, it lacks any +type of [Public Key Infrastructure (PKI)](http://en.wikipedia.org/wiki/Public_Key_Infrastructure) that can verify that the keys being used really are the one required or expected. |