What is SSH? How does it work?


Telnet and rlogin are communication protocols used to communicate with a remote server. However, Telnet and rlogin are not secure communication protocols: they have no security mechanism and transfer data, including your sensitive information, user passwords and files, over the network/internet in plain text without encryption. As a result, anyone can obtain the sensitive information and passwords sent in plain text, review the files, and steal your accounts.



WHAT IS SSH ?

SSH, also known as Secure Shell or Secure Socket Shell, is a network protocol that provides administrators with a secure way to access a remote computer. SSH establishes a cryptographically secure connection between two parties (client and server), with each party authenticating the other and passing commands and output back and forth.


HOW DOES SSH WORK ?

The SSH protocol uses symmetric encryption, asymmetric encryption and hashing to secure the transmission of information. An SSH connection between client and server is established in three stages:


 Authentication of the server by the client.

 Generation of a session key to encrypt all communication.

 Authentication of the client.

Now I will explain these stages one by one.

1. SERVER AUTHENTICATION

The client initiates an SSH connection with the server. The server listens on default port 22 (this port can be changed) for SSH connections. At this point, the server identity is verified. There are two situations:


1 - If the client is accessing the server for the first time, the client will be asked to authenticate the server by verifying the server's public key. The server's public key can be found using the ssh-keyscan command or located in different places. Once the key is verified, the server is added to the known_hosts file in the ~/.ssh directory on the client machine. The known_hosts file contains information about all servers verified by the client.

2 - If the client is not accessing the server for the first time, the identity of the server is matched against the information previously saved in the known_hosts file for verification.


2. SESSION KEY GENERATION

Once the server is authenticated, both parties agree on the session key using the Diffie-Hellman key exchange algorithm. This algorithm is designed so that both parties contribute equally to generating the session key. The shared session key created is a symmetric key, meaning the same key is used for encryption and decryption.

3. CLIENT VERIFICATION

The final stage involves authenticating the client. Authentication is done using an SSH key pair. As the name suggests, an SSH key pair is two keys that serve two different purposes. One of these is the public key, which is used to encrypt data and can be freely shared. The other is the private key, which is used to decrypt the data and is never shared with anyone.

Once symmetric encryption is established, authentication of the client occurs as follows:


 The client starts by sending the server an ID for the key pair with which it wants to authenticate.

 The server checks the authorized_keys file of the account the client is trying to log in to for the key ID.

 If a public key with a matching ID is found in the file, the server generates a random number, uses the public key to encrypt the number, and sends this encrypted message.

 If the client has the correct private key, it decrypts the message to obtain the random number generated by the server.

 The client combines the resulting random number with the shared session key and calculates the MD5 hash of this value.

 The client then sends this MD5 hash value back to the server in response to the encrypted number message.

 The server uses the same shared session key and the random number it sent to the client to calculate the MD5 hash value on its own. It compares its own calculation with the one the client sent back. If these two values match, it proves that the client has the private key, and the client is authenticated.

The asymmetry of the keys allows client authentication because the client can only decrypt messages if it has the correct associated private key.

cYBER-CODER
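
The server authentication stage described in the post above, as an added example that is not part of the original post: a Python check of a presented host key against known_hosts content, covering the first-contact and already-known cases and hashed host entries. The key blobs, host names and helper names (hash_host, host_matches, fingerprint, check_host) are constructed for illustration; wildcard patterns and [host]:port entries are not handled.

```python
import base64, hashlib, hmac

# Constructed sample data: these key blobs are made-up bytes, not real host keys.
KEY_A = base64.b64encode(b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20" + bytes(range(32))).decode()
KEY_B = base64.b64encode(b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20" + bytes(range(1, 33))).decode()

def hash_host(host, salt):
    """Build a hashed known_hosts host field: |1|b64(salt)|b64(HMAC-SHA1(salt, host))."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def host_matches(field, host):
    """True if a known_hosts host field (plain list or hashed) names this host."""
    if field.startswith("|1|"):
        _, _, salt_b64, mac_b64 = field.split("|")
        mac = hmac.new(base64.b64decode(salt_b64), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    return host in field.split(",")

def fingerprint(key_b64):
    """SHA256 fingerprint in the form ssh-keygen -l prints (base64, no padding)."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def check_host(known_hosts_text, host, key_type, key_b64):
    """Return 'unknown' (first contact), 'match', or 'mismatch' for the presented key."""
    seen_host = False
    for line in known_hosts_text.splitlines():
        parts = line.split()
        if len(parts) < 3 or line.lstrip().startswith(("#", "@")):
            continue  # skip blanks, comments and @cert-authority/@revoked markers
        if host_matches(parts[0], host) and parts[1] == key_type:
            seen_host = True
            if hmac.compare_digest(parts[2], key_b64):
                return "match"
    return "mismatch" if seen_host else "unknown"

KNOWN_HOSTS = "\n".join([
    "# constructed known_hosts content",
    "server1.example,192.0.2.10 ssh-ed25519 " + KEY_A,
    hash_host("server2.example", b"constructed-salt-20b") + " ssh-ed25519 " + KEY_A,
])

if __name__ == "__main__":
    for host, key in [("server1.example", KEY_A), ("server2.example", KEY_B), ("new.example", KEY_A)]:
        print(host, fingerprint(key), check_host(KNOWN_HOSTS, host, "ssh-ed25519", key))
```

A "mismatch" result corresponds to the case where the saved key for a known server no longer agrees with the key it presents, which should stop the connection until the change is explained.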
 

