| 摘要 |
An intermediate node 12 between a sender 10 and receiver 14 obtains an authenticator associated with the sender to transparently intervene data communications from the sender to receiver, by authenticating the sender at the intermediary which acts as the receiver to the sender, and also authenticating the intermediate device to the receiver by using the authenticator associated with the sender. The authenticator may comprise a private key of the sender, with public key authentication between the intermediate entity and the receiver being performed according to secure shell (SSH) protocol, using the private key to sign a challenge comprising a session identity for authentication to the receiver device. The private key may be received and stored by the intermediate node from a key management server 16. The communication may be from client to server, intercepted by a data auditor. The auditing node sits as a hound to perform a man in the middle (MITM) role to capture and monitor the traffic travelling in and out of an organizations own network. A single private key may be used for both legs of communication. |
