Menu
In Public-key cryptography is generated a pair of key, one private and one public, the public I put in the Github.
The Private-key decrypts the data and the Public-key encrypts the data. This means when I sent data to github this data is not encrypted because only Private-key decrypts the data?
Update:
Thanks guys, i'm understanding now.
I'm was thinking my data is encypted with that way in github when I send push/pulls. This case is used for login/verification/signing. That's all completely different from the encrypted transmission stream that the SSH connection sets up to send my datas.
Thanks everyone for your responses...
846
Public key cryptography enables the following: Encryption and decryption, which allow two communicating parties to disguise data that they send to each other. The sender encrypts, or scrambles, the data before sending it. The receiver decrypts, or unscrambles, the data after receiving it.
GitHub uses a libsodium sealed box to help ensure that secrets are encrypted before they reach GitHub and remain encrypted until you use them in a workflow. For secrets stored at the organization-level, you can use access policies to control which repositories can use organization secrets.
The public key authentication protocol uses two keys per node, a public key for encryption and a private key for decryption. Everybody has access to the public key of a node, while the private key is secret. During authentication, random numbers are generated and exchanged, similar to the shared secret key protocol.
In public key cryptography, the key distribution of public keys is done through public key servers. When a person creates a key-pair, they keep one key private and the other, known as the public-key, is uploaded to a server where it can be accessed by anyone to send the user a private, encrypted, message.
Not wrong at all, but wrong. (a) The private key decrypts the data encrypted by the public key and (b) the public key decrypts the data encrypted by the private key.
(a): Everybody can encrypt something, but only the owner of the private key can decrypt it.
(b): The owner "encrypt" something with his private key and everybody can decrypt it, what ensures, the it were really the owner, that encrypts the data and not somebody else.
git(hub) makes use of the second scenario: If you push something, it its signed with your private key. The receiver now validates the signature againts the public key it knows from you. If its match, everything is fine.
Update: A (maybe too) simplified description on what happens (when using github with ssh)
Even if its not completely correct, it should describe the idea.
52
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
