[viff-devel] App for verifing SSH fingerprint

[Martin Geisler]

KartheeK <kartheekpn at yahoo.co.in> writes:

Hi!

Sorry about the wait -- I had hoped one of the other regulars on the
list would have answered you by now... I currently don't have much
Internet access in the evenings, but have now setup my computer for
offline mail reading/writing. This mail will be the test :-)

> I am in the process of designing a app that will verify the
> Fingerprint thats generated when a person generates ssh keys.
>
> The end user has his public key uploaded on to a centralised
> directory. He has his finger print with him. The security admin call
> him on his office number and ask him to read out the finger print,
> so as to make sure if indeed he was the one who had uploaded that
> particular public key.

Sounds good, but I'm afraid that VIFF does completely different
things. VIFF allows a number of servers to securely evaluate some
function of their inputs. It has nothing to do with SSH keys.

> Now i want to automate the above process in a secured manner. How
> can VIIF help me in this process? what is the mode of communication
> it uses?

VIFF uses normal TLS (SSL) tunnels -- no SSH tunnels in sight :-)

-- 
Martin Geisler