HP OpenVMS Systems Documentation

Content starts here

Glossary

  Table of Contents

  Glossary

  Index

Glossary

This glossary defines some of the terms, abbreviations, and acronyms found in this document.

asymmetric key 

The use of two different keys (public and private) to authenticate a user connection.


authentication 

The process of determining another's identity. For example, the SSH server identifies itself to a connecting client during session setup using the server host key and the public/private keypair. The SSH client uses password, publickey, or hostbased authentication to establish its identity to the server.


authentication agent 

The SSH_AGENT utility, which allows you to manage keys.


encryption 

The process of modifying the data stream such that it can only be read by the appropriate decryption technique.


data integrity 

The state that exists when data has not been changed.


decrypt 

The process of modifying encrypted data so that it can be read.


DSA 

Private digital key signature algorithm


encrypt 

The process of modifying data to make it impossible to be read except by the proper decryption function.


GSSAPI 

GSSAPI Authentication and Key Exchange for the Secure Shell Protocol (a Kerberos authentication method).


host-based authentication 

The authentication method where the client and server hosts authenticate each other.


host keys 

The public-private key pair that identifies the server host.


kerberos 

The security protocol that provides strong authentication by using secret-key cryptography.


kerberos password authentication 

The authentication method used by Kerberos—aware applications.


known hosts database 

The database that contains public keys for all client hosts that use the host-based authentication method to connect to the server.


nonrepudiation 

The function that identifies data so that a user or entity cannot deny ownership or action related to the data.


password authentication 

The authentication method in which the client transmits an encrypted password encrypted to the server.


port forwarding 

The function of encapsulating the TCP-based communication session between the SSH client and the SSH server programs. The result is a secure tunnel.


private key 

Of the key pair, the key that is known only to the user. When a message is encrypted with a public key, it can only be decrypted using the private key.


public key 

Of the key pair, the key that is distributed to other systems as part of authentication or another security procedure.


public-key cryptography 

A method of identifying hosts and users using two cryptographically generated keys: a public key and a private key.


public-private key pair 

The set of keys required to perform cryptographic security.


public-key authentication 

The authentication method that uses public-key cryptography to verify the client's identity and requires two pieces of data: your private-public key pair, and, optionally, a passphrase.


public key cryptography 

The process of using a pair of mathematically related keys to verify the identity of hosts and users.


remote command execution 

The process of establishing an interactive session on a remote system without connecting to it (also called tunneling).


remote login 

The process of logging into a system running the SSH server from another system. SSH ensures the data communicated between your client and the SSH server is secure.


RSA 

Rivest-Shamir-Adelman. A private key encryption algorithm


Secure Shell 

The Internet standard for secure file transfers and remote login and command execution. Also known as SSH.


Secure Shell client 

See SSH client.


Secure Shell server 

See SSH server.


secure tunnel 

A communication path established for securely transmitting data using applications that are not SSH-aware.


SSH 

See Secure Shell. In the context of the TCP/IP Services for OpenVMS documentation, this is also referred to as SSH for OpenVMS.


SSH client 

Secure Shell client.


SSH server 

Secure Shell server.


stream-LF file 

File record format in which data is stored as a stream of bytes.


trusted hosts 

Hosts to which you can log in without proving your identity.


tunneling 

See Remote Command Execution.


variable-length file 

Record-oriented file structure inwhich the length of the record varies, and is determined from an explicit field or end-of-record marker.


X11 

A protocol for displaying X terminal formatted server data on client systems.


X11 port forwarding 

An authentication method that encrypts X protocol, which is used by X Window systems.


X Window System 

A protocol for displaying server data on a client system.