Basics skills for SSH
- Lets understand a scenario where alice wants to communicate to Joy. The communication channel which they are using in not secure (Any one can hook & read their messages)
- What can be done by Alice & Joy so that they use the same communication channel, still their message are secure.
- They encrypt and decrypt the messages
- To do this Encryption and decryption we have two major ways
- Symmetric encryption
- Asymmetric encryption
- In Symmetric both Alice and Joy will have the same key to encrypt and do decrypt
- In Asymmetric alice or joy will create a key pair. Alice will have a key and joy will have other key (both are different). One key is called as public & Other is private.
- If the message is encrypted with public key it can be decrypted with private and the other way around
Secure Shell (SSH)
- Telnet was used to communicated with a remote server, Telnet is not a secure communication protocol & it transfers the data over network/internet in a plain text, so to overcome this issue SSH came into existence
- SSH protocol provides the secure way of accessing remote computers.
- IN SSH we will have two parties
- SSH Client
- SSH Server
HOW SSH works
- SSH protocol uses symmetric encryption, asymmetric encryption and hashing in order to secure transmission of information.
- SSH Connection b/w client and server happens in 3 stages
- Verification of server by the client
- Generation of session key to encrypt all the communication
- Authentication of the client by server
Verification of the server by client
- Client initiates ssh connection with server. Server listens to ssh connections by default on port 22. At this point is server identity verified, but we have two cases
- Communication b/w client and server for the first time:
- client is asked to authenticate the server manually by verifying the public key of the server. Once the key is verified, the server will be added to ~/.ssh/known_hosts.
- If the client is not accessing the server for the first time server’s identity will be matched with previously recorded information on known_hosts file
- Communication b/w client and server for the first time:
Generation of SESSION KEY
- After the server is verified, both parties negotiate a session key using some version Diffie-Helmen algorithm.
- This generated session key is used for encrypting and decrypting the message during the session
Authentication of the client
- Final step involves authentication of the client by server. Authentication is done by using SSH key pair
- As soon as session key is generated the authentication happens as mentioned in the following steps
- Client begins by sending an ID of the key pair it would like to authenticate
- Server checks authorized_keys file
- If matching ID is found, server generates a random number and uses the public key to encrypt the number and sends this message
- If the client has the correct private key, it will decrypt this message and obtain random
- This random is combine with session and hash is generated. This hash is sent to server as an answer.
- If the two values match, it proves that client has valid private key and client is authenticated