I need help with key authentication.
How does one know if the private key really comes from the expected host?
How do you "lock-down" a key to only one host/computer, so that if another person gets hold of the private key by any chance, they won't be able to connect because the key wasn't created for their PC/host?
I'm new to the keys and signatures authentication. Your help will be greatly appreciated.
Thanks in advance.
What are you trying to authenticate to? What you are describing sounds like "client authentication" when establishing a TLS\SSL connection to a server. Check out Wikipedia for details: http://en.wikipedia.org/wiki/Transport_Layer_Security (see the Client-authenticated TLS handshake section).
When using Digital Certificates to create a digital signature, the certificate is tied to a specific user (not a particular machine). Check out http://en.wikipedia.org/wiki/Digital_certificates for more details.