Find the answer to your Linux question:
Results 1 to 4 of 4
I am wondering if anybody is familar with how the code for this utility is written. Basically my main concern does ssh-keygen always produce the same private and public keys. ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Apr 2011
    Posts
    96

    ssh-keygen?


    I am wondering if anybody is familar with how the code for this utility is written.

    Basically my main concern does ssh-keygen always produce the same private and public keys.

    Basically if person A on computer A used ssh-keygen to generate a private/public key
    And person B on computer B generated a public key that was the same as person A would person B's private key generated be the same nessarially as well?

    question 2
    what would happen if ssh-keygen generated the same public key for two different users. Is this even possible or does the security peusdorandom key generator algorithm for ssh-keygen
    prevent this some how?

  2. #2
    Super Moderator Roxoff's Avatar
    Join Date
    Aug 2005
    Location
    Nottingham, England
    Posts
    3,844
    As the keys are generated using prime numbers which are selected randomly, there is a very slim chance that the keys you generate may have been generated for another user before. The chances of two people sat at side-by-side computers generating the same keys by running the tool at the same time is so infinitesimally small that you shouldn't worry about it. If this worries you, then all you have to do is generate two keys and pick one using your own off-line random number generator (e.g. flip a coin, roll a die, etc.)

    If two keys were generated that were the same, how would the users know? People don't, as a matter of course, go comparing public keys from two individuals, and the potential number of keys that could exist makes that an impractical method of key breaking anyway.

    Think of it like a key to your house - someone on the other side of your nation might by complete random co-incidence have the same physical door key as you but the chances of them using it to unlock your door is pretty remote.
    Linux user #126863 - see http://linuxcounter.net/

  3. #3
    Just Joined!
    Join Date
    Apr 2011
    Posts
    96
    I agree with you. But I was wondering as more and more people in the world use this program day in and day out over the years it stands to reason that eventually if somebody was generating keys and storing them in a database they would hit somebodies public key/private key some day for sure. Now weather this would take 100 years , 1000years ,...etc depends on the factors , algorithm ,...etc ( in any case ssh-keygen is not 100% guarenteed to not produce duplicate keys)

    Also I am wondering is it possible to get the source code of ssh-keygen.
    If so could you provide a link.

  4. #4
    Super Moderator Roxoff's Avatar
    Join Date
    Aug 2005
    Location
    Nottingham, England
    Posts
    3,844
    The source for SSH-Keygen should be in your package manager. You may need to enable the source code repository, but it's not difficult to do. How you do that depends on which distribution you have.
    Linux user #126863 - see http://linuxcounter.net/

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •