Show Contents / Index / Search

Public Key Authentication

Reflection for Secure IT uses public key host authentication by default. The server automatically generates a new host key (or migrates an existing host key) during installation. The default key is an RSA 2048-bit key.

Public key cryptography uses a mathematical algorithm with a public/private key pair to encrypt and decrypt data. One of the keys is a public key, which can be freely distributed to communicating parties, and the other is a private key, which should be kept secure by the owner of the key. Data encrypted with the private key can be decrypted only with the public key; and data encrypted with the public key can be decrypted only with the private key.

When keys are used for authentication, the party being authenticated creates a digital signature using the private key of a public/private key pair. The recipient must use the corresponding public key to verify the authenticity of the digital signature. This means that the recipient must have a copy of the other party's public key and trust in the authenticity of that key.

Related Topics

Public Key Authentication Sequence of Events

Create a New Host Key

Add a Key to the Client Known Hosts List

Display the Fingerprint of the Host Public Key