SSH, SSL/TLS, Etc., Associated Cryptographic Methods

msbachman

Hello,

How important is it to know the dirty cryptographic details of SSH and SSL/TLS? Because I'm getting conflicting information from different sources concerning things like the type of cryptography that SSH uses by default and whether or not it's public or private key-based.

dynamik

You're not going to have to memorize RFCs for anything like that, but you should have a general understanding of how things work.

Feel free to ask any specific questions.

dynamik

I'm not sure what you mean (I didn't catch this in your first post when I read it earlier). Public and private keys work in conjunction. You can't have one without the other.

And yes, SSH uses asymmetric cryptography (public/private keys): http://en.wikipedia.org/wiki/Secure_Shell

Also, some protocols can be configured to use either symmetric or asymmetric encryption, such as IPSec, while others, such as SSL, use both.

msbachman

dynamik wrote: »

I'm not sure what you mean (I didn't catch this in your first post when I read it earlier). Public and private keys work in conjunction. You can't have one without the other.

And yes, SSH uses asymmetric cryptography (public/private keys): Secure Shell - Wikipedia, the free encyclopedia

Also, some protocols can be configured to use either symmetric or asymmetric encryption, such as IPSec, while others, such as SSL, use both.

Thanks for the help, I actually answered my own question which is why I immediately deleted my post which was in between your two posts above. Thanks for your quick responses.

dynamik

Apparently immediately is too slow for me

Glad to help. Let us know if you have any other questions.

Baldeagle79

msbachman wrote: »

Hello,

How important is it to know the dirty cryptographic details of SSH and SSL/TLS? Because I'm getting conflicting information from different sources concerning things like the type of cryptography that SSH uses by default and whether or not it's public or private key-based.

I would try to know the difference between asymmetric and symmetric algorithms, and know as much about the key/block sizes as you can memorize in a reasonable period of time. Know the relative strengths (which ones are stronger, newer, faster, better, etc), as well. Just speaking of SSL/TLS and SSH, just know when they are used, and for what purpose, and what ports they may run over. The CompTIA questions are very straightforward, at least in my opinion. I finished the test in about 12 minutes (either knew the answer or didn't).

msbachman

Baldeagle79 wrote: »

I would try to know the difference between asymmetric and symmetric algorithms, and know as much about the key/block sizes as you can memorize in a reasonable period of time. Know the relative strengths (which ones are stronger, newer, faster, better, etc), as well. Just speaking of SSL/TLS and SSH, just know when they are used, and for what purpose, and what ports they may run over. The CompTIA questions are very straightforward, at least in my opinion. I finished the test in about 12 minutes (either knew the answer or didn't).

thanks for the assistance, baldeagle79 (and dynamik, of course). I'll be sure to take your guys' advice (actually, right after this post I'll review that stuff). Also, that's the fastest run through that I've heard of! 12 minutes! Did you do well enough to pass?

I kinda adhere to the same idea, you either know it or not, no use in trying to wait on a question and waste all of your energy.

bgrablin

Baldeagle79 wrote: »

..I finished the test in about 12 minutes (either knew the answer or didn't).

8.33 questions a minute. Roughly 7 seconds a question.

Did you get a medal for finishing so fast? Break any land speed records? Nope, you got the same cert as the guy next to you.