I'm trying to implement a login system to sign into a website using public key authentication. I'm not sure if this is feasible.
This is what I plan to do:
I have seen sites like startssl.com asking for the user's private key to verify their identity (see the screenshot attached). So what does it take to implement such a system?
Public keys are available from a certificate authority, which issues digital certificates that prove the owner's identity and contain the owner's public key. Public keys are created using an asymmetric algorithm, which pairs the public key with an associated private key.
The public key authentication protocol uses two keys per node, a public key for encryption and a private key for decryption. Everybody has access to the public key of a node, while the private key is secret. During authentication, random numbers are generated and exchanged, similar to the shared secret key protocol.
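The challenge-response exchange described above, sketched for a website login as an added example (not code from the original page). It uses an Ed25519 signature over the server's random challenge rather than encrypt/decrypt; the in-memory stores, function names and the `example-login-v1` context label are assumptions for illustration.

```javascript
const crypto = require("node:crypto");

// Hypothetical in-memory server state; a real site would persist these.
const registeredKeys = new Map(); // username -> public key (PEM)
const pending = new Map();        // username -> { nonce, expires }
const CHALLENGE_TTL_MS = 60_000;
const CONTEXT = "example-login-v1"; // assumed label, keeps signatures login-only

function register(username, publicKeyPem) {
  registeredKeys.set(username, publicKeyPem);
}

// Bytes that are actually signed: context + username + server nonce.
function payload(username, challengeB64) {
  return Buffer.from(`${CONTEXT}:${username}:${challengeB64}`, "utf8");
}

// Step 1 (server): issue a fresh random challenge with a short lifetime.
function issueChallenge(username, now = Date.now()) {
  const nonce = crypto.randomBytes(32).toString("base64");
  pending.set(username, { nonce, expires: now + CHALLENGE_TTL_MS });
  return nonce;
}

// Step 2 (client): sign the challenge; the private key never leaves the client.
function signChallenge(privateKey, username, challengeB64) {
  return crypto.sign(null, payload(username, challengeB64), privateKey).toString("base64");
}

// Step 3 (server): verify with the stored public key; each challenge is single-use.
function verifyLogin(username, signatureB64, now = Date.now()) {
  const entry = pending.get(username);
  pending.delete(username); // consume first, so a replayed response always fails
  const pem = registeredKeys.get(username);
  if (!entry || !pem || now > entry.expires) return false;
  const sig = Buffer.from(signatureB64, "base64");
  return crypto.verify(null, payload(username, entry.nonce), pem, sig);
}

// Constructed demo: valid login, replay, wrong key, expired challenge.
function demo() {
  const alice = crypto.generateKeyPairSync("ed25519");
  const other = crypto.generateKeyPairSync("ed25519");
  register("alice", alice.publicKey.export({ type: "spki", format: "pem" }));
  const sig = signChallenge(alice.privateKey, "alice", issueChallenge("alice"));
  const ok = verifyLogin("alice", sig);
  const replay = verifyLogin("alice", sig);
  const wrongKey = verifyLogin("alice", signChallenge(other.privateKey, "alice", issueChallenge("alice")));
  const late = signChallenge(alice.privateKey, "alice", issueChallenge("alice", 0));
  return { ok, replay, wrongKey, expired: verifyLogin("alice", late, CHALLENGE_TTL_MS + 1) };
}
```

The server only ever stores the public key, so a leak of its user table does not let anyone log in as those users.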
The hash of the transaction data and the digital signature are both broadcast to the Bitcoin network. The digital signature is then used to confirm that the sender knows the private key. This verification process is done by applying a specific mathematical algorithm which involves the public key of the sender.
The first step to configure SSH key authentication to your server is to generate an SSH key pair on your local computer. To do this, we can use a special utility called ssh-keygen, which is included with the standard OpenSSH suite of tools. By default, this will create a 3072-bit RSA key pair.
Just to clarify the flow