This is a simple PKI(Public Key Infrastructure) simulation system designed to simulate the authentication process among CA (Certificate Authority), HOST, and USER in the SSH (Secure Shell) protocol, as well as the role played by KMS (Key Management System) in this process.
Environment:
python==3.11.4
pip3 install -r requirements.txt
start three terminals:
python CA.py
python client.py
python server.py
The simulation is performed in the following order
CA:input 1 - generate CA host/user's key
SERVER:input 1 - generate local server private/public key and give public key to CA
CLIENT:input 1 - generate local client private/public key and give public key to CA
CA:input 2 - CA issues host certificates
CA:input 3 - CA issues user certificates
SERVER:input 2 - get host certificate and user_ca.public key
CLIENT:input 2 - get user certificate and host_ca.public key
-----ssh start-----
CLIENT:input 3 - ssh log in the server(host), automatically sends the client(user) certificate to the server(host)
SERVER:input 3 - verify the certificate from client(user) and send the server(host) certificate to client(user)
CLIENT:input 4 - verify the certificate from server(host)
clean.py can clean all generated certificates and public and private keys.
python clean.py