Practical automatic security enhancement for password-less inter computer communication
Original Publication Date: 2005-Apr-07
Included in the Prior Art Database: 2005-Apr-07
Presented is a method for securely enabling communication among two or more computers in a password-less environment by automatic generation of new KEYS.
Under normal circumstances, enabling two or more computers to communicate with one another through a password-less ssh mechanism requires manual (human) involvement. That is, a set of private/public keys is created on one of the computers, and the keys are then copied (in the open) to the other computers. Once the copy phase is completed, all participants can exchange commands and copy files back and forth without using passwords.
In an embedded environment, or in an environment where human intervention is not desirable or possible, however, such a mechanism is not satisfactory. To enable an automatic password-less infrastructure, all the participating computers need to "share" a common "secret", which is used as a seed; each computer can then build its own pair of keys, knowing that its peers, in doing the same, will create identical pairs of keys. Such a mechanism works well, but a permanent "secret-seed" can become a problem in a hostile environment. If the "secret-seed" (or the KEY pair) is somehow stolen, it can be used to break into all of the computers that recognize the KEYS based on that "secret-seed".
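The seed-based derivation described above, as an added example that is not part of the original publication: each peer runs the shared secret through HKDF-SHA256 and uses the output as an Ed25519 private seed, so every peer arrives at the same key pair, and so does anyone else who holds the seed. The choice of HKDF and Ed25519, the label `cluster-ssh-v1` and the sample seed are assumptions; the publication does not name an algorithm.

```python
import hashlib
import hmac

P = 2**255 - 19                                   # Ed25519 field prime (RFC 8032)
D = -121665 * pow(121666, P - 2, P) % P           # curve constant d
BX = 15112221349535400772501151409588531511454012693041857206046113283949847762202
BY = 4 * pow(5, P - 2, P) % P                     # base point y = 4/5 mod P
BASE = (BX, BY, 1, BX * BY % P)                   # base point, extended coordinates

def _add(p1, p2):
    """Add two curve points in extended coordinates (RFC 8032, section 5.1.4)."""
    a = (p1[1] - p1[0]) * (p2[1] - p2[0]) % P
    b = (p1[1] + p1[0]) * (p2[1] + p2[0]) % P
    c = 2 * p1[3] * p2[3] * D % P
    d = 2 * p1[2] * p2[2] % P
    e, f, g, h = b - a, d - c, d + c, b + a
    return (e * f % P, g * h % P, f * g % P, e * h % P)

def ed25519_public(private_seed: bytes) -> bytes:
    """Public key for a 32-byte Ed25519 private seed (RFC 8032, section 5.1.5)."""
    s = int.from_bytes(hashlib.sha512(private_seed).digest()[:32], "little")
    s = (s & ((1 << 254) - 8)) | (1 << 254)       # clamp the scalar
    q, pt = (0, 1, 1, 0), BASE                    # q starts at the neutral element
    while s:                                      # double-and-add scalar multiplication
        if s & 1:
            q = _add(q, pt)
        pt = _add(pt, pt)
        s >>= 1
    zinv = pow(q[2], P - 2, P)
    x, y = q[0] * zinv % P, q[1] * zinv % P
    return (y | ((x & 1) << 255)).to_bytes(32, "little")

def derive_keypair(secret_seed: bytes, label: bytes = b"cluster-ssh-v1"):
    """HKDF-SHA256 (RFC 5869), empty salt, one output block, then the key pair.
    The label is a hypothetical context string, not something from the publication."""
    prk = hmac.new(b"\x00" * 32, secret_seed, hashlib.sha256).digest()
    private_seed = hmac.new(prk, label + b"\x01", hashlib.sha256).digest()
    return private_seed, ed25519_public(private_seed)

if __name__ == "__main__":
    seed = b"constructed-demo-seed"               # constructed sample, not a real secret
    node_a = derive_keypair(seed)                 # computed independently on node A
    node_b = derive_keypair(seed)                 # computed independently on node B
    print("peers agree:", node_a == node_b)
    print("public key :", node_a[1].hex())
```

Because the derivation is a pure function of the seed, the key pair never changes for as long as the seed stays the same, which is the exposure the paragraph above describes.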
The solution presented herein allows new KEYS to be used every so often, so that it is more difficult to break in using the original seed or the original pair of private/public keys.
Once a trusted pair of KEYS is created (either by usin...