SSHKeyPair Object

Remarks

Since keys are needed for proper operation of wodSSHD (or any other SSH server), SSHKeyPair object will make sure you can easily create or store/retrieve keys you will use with your server. It is suggested that once you generate new key for your server, and clients start to use your server, you do not change the key until there's need to. Changing key often will cause clients few problems, such as:

1. they will not be sure if new key actually belongs to you. If they want to be sure key is actually yours they will have to
2. check if fingerprint they receive, and one you obtain using FingerPrint method matches
3. their client software will have to store new key each time they connect.

Since SSH protocol does not have some common way of determining whether key that client receives actually belongs to the owner, or if someone is tampering with the connection as actually listens to all that is transferred, dealing with keys is a matter of 'trust' between two parties - client and the server. Unlike SSL technology, there are no certificates and signing or tree-alike structure for keys. Rather, when client wants to determine if key is proper and belongs to real person, it should manually check received key (for example it could phone the server's maintainer and ask for fingerprint information) and store it locally when it's certain key is valid.

For proper operation of wodSSHD you should generate at least one key, RSAkey or DSAkey. However, since some clients may be capable of using only one of them, make sure you generate both types, thus all the clients that connect can test at least one. RSA is most common and, by SSH2 specification, should be supported by all clients. However, having DSAkey also will have a positive impact on your clients.

Platforms