VanDyke Software Forums


dverbern 07-26-2019 01:11 AM

Confused between HostKey and Public/Private key
I'm embarrassed to admit that despite reading through several articles on public key encryption and the benefits of hostkey as a protection against man-in-the-middle attacks, I'm still unclear whether there is overlap between the concepts of the hostkey and generating public/private key pairs.

Are they entirely separate processes?

bgagnon 07-26-2019 09:54 AM

Hi dverbern,

Completely and entirely separate. :)
(But often confused, so we are glad you asked.)

The host key is the server proving its identity to the client. That's why a fingerprint is provided, so that the end user can verify the identity with the admin of the SSH/SFTP server.

More information on the importance of Host Keys within the Secure Shell protocol can be found in this whitepaper on our website.

Until key exchange is complete/successful, the connection cannot continue.

Public/private key authentication is the client proving who it claims to be to the server. It's one of several forms of authentication that may be supported by the SSH/SFTP server (there's also GSSAPI, password, keyboard-interactive).

Does this info help?
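The host key check described in the reply above, as an added example that is not part of the forum posts or of any VanDyke code: it computes the OpenSSH-style SHA256 fingerprint of a host public key and compares it with the value obtained from the server admin. The key bytes, comments and function names are constructed for illustration, and keys are assumed to be in the one-line OpenSSH public key format.

```python
import base64, hashlib, hmac, struct

def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (uint32 length + data)."""
    return struct.pack(">I", len(data)) + data

def make_pubkey_line(raw_key: bytes, comment: str) -> str:
    """Build a one-line ssh-ed25519 public key from 32 raw key bytes."""
    blob = ssh_string(b"ssh-ed25519") + ssh_string(raw_key)
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"

def parse_blob(pubkey_line: str) -> bytes:
    """Decode the key blob and check it agrees with the declared key type."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    blob = base64.b64decode(fields[1], validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != fields[0].encode():
        raise ValueError("key type inside blob does not match declared type")
    return blob

def fingerprint_sha256(pubkey_line: str) -> str:
    """SHA256 over the raw blob, base64 without padding (OpenSSH display form)."""
    digest = hashlib.sha256(parse_blob(pubkey_line)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def host_key_matches(presented_line: str, trusted_fp: str) -> bool:
    """True only if the presented host key hashes to the trusted fingerprint."""
    return hmac.compare_digest(fingerprint_sha256(presented_line), trusted_fp)

# Constructed sample data: two different host keys.
SERVER_KEY = make_pubkey_line(bytes(range(32)), "constructed-server")
IMPOSTOR_KEY = make_pubkey_line(bytes(range(1, 33)), "constructed-impostor")
# Stands in for the fingerprint the admin gives the user out of band
# (phone, ticket, signed page), never taken from the connection being verified.
TRUSTED_FP = fingerprint_sha256(SERVER_KEY)

if __name__ == "__main__":
    for name, key in (("server", SERVER_KEY), ("impostor", IMPOSTOR_KEY)):
        ok = host_key_matches(key, TRUSTED_FP)
        print(f"{name}: {fingerprint_sha256(key)} -> {'accept' if ok else 'REJECT'}")
```

The user's own public/private key pair plays no part in this check; it is only used afterwards, when the client authenticates to the server.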
