Home
How does SSH work?

How does SSH work?

No Comments Digital Media

You have probably already heard of SSH as it is a widely used internet jargon when it comes to anything related to cybersecurity. However, you may be overwhelmed by learning what exactly SSH is and how it works.

In this tutorial, we’ll cover the basics of SSH, along with the underlying mechanisms used by the protocol to provide a secure method of remote access. We will cover the different layers and types of encryption used, along with the purpose of each layer.

Let’s get right into it, okay?

What is SSH – Video

If you don’t have time to read, you can watch our video tutorial instead.

Subscribe for more educational videos!
academy

What is SSH?

SSH, or Secure Shell, is a remote administration protocol that allows users to control and modify their remote servers over the Internet through an authentication mechanism.

Provides a mechanism to authenticate a remote user, transfer input from the client to the host, and relay the output back to the client. The service was created as a secure replacement for unencrypted Telnet and uses cryptographic techniques to ensure that all communications to and from the remote server are encrypted.

The image below shows a typical SSH window. Any Linux or macOS user can SSH to your remote server directly from the terminal window. Windows users can take advantage of the You can run shell commands the same way you would if you were physically operating the remote computer.

This SSH tutorial will cover the basics of how it works, along with the underlying technologies used by the SSH protocol to provide a secure method of remote access. It will cover the different layers and types of encryption used, along with the purpose of each layer.

How does SSH work?

If you use Linux or Mac, then using the SSH protocol is very easy. If you’re using Windows, you’ll need to use an SSH client to open SSH connections. The most popular SSH client is putty, you can .

For Mac and Linux users, go to your terminal and follow this procedure:

The SSH command consists of 3 different parts:

ssh {user}@{host}

The SSH key command tells your system that you want to open a Secure and encrypted Shell Connection. {user} represents the account you want to access. For example, you may want to access the user rootwhich is basically for the system administrator with full rights to modify anything on the system. {host} refers to the computer you want to access. This can be an IP address (for example, 244.235.23.19) or a domain name (for example, www.xyzdomain.com).

Upon pressing enter, you will be prompted to enter the password for the requested account. As you type it, nothing will appear on the screen, but your password is, in fact, being transmitted. Once you’re done typing, hit enter one more time. If your password is correct, you will see a remote terminal window.

See also  What is shared hosting and how does it work?

If you want to learn more about SSH commands, .

Understanding the different encryption techniques

The significant advantage offered by the SSH protocol over its predecessors is the use of encryption to ensure the secure transfer of information between host and client. Host refers to the remote server you are trying to access, while the client is the equipment you are using to access the host. There are three different encryption technologies used by SSH:

1. Symmetric encryption
2. Asymmetric encryption
3.Hashing

Symmetric Encryption

Symmetric encryption is a form of encryption in which a Secret password for both encryption and decryption of a message, both by the client and by the host. Indeed, anyone who has the key can decrypt the message being transferred.

Symmetric encryption is often called shared key (shared key) or shared secret encryption. Usually there is only one key used, or sometimes a pair of keys where one key can easily be computed with the other key.

Symmetric keys are used to encrypt all communication during an SSH session. Both the client and the server derive the secret key using an agreed method, and the resulting key is never revealed to third parties. The process of creating a symmetric key is carried out by means of a key exchange algorithm.

What makes this algorithm particularly secure is the fact that the key is never transmitted between client and host. Instead, the two teams share public data and then manipulate it to independently calculate the secret key. Even if another machine captures the publicly shared data, it will not be able to calculate the key because the key exchange algorithm is not known.

It should be noted, however, that the secret token is specific to each SSH session, and is generated prior to client authentication. Once the key is generated, all packets moving between the two machines must be encrypted by the private key. This includes the password typed into the console by the user, so the credentials are always protected from network packet snoopers.

There are various symmetric ciphers including, but not limited to, AES (Advanced Encryption Standard), CAST128, Blowfish, etc. Before establishing a secure connection, the client and a host decide which cipher to use by publishing a list of supported ciphers in order of preference. The preferred cipher among those supported by clients that is present in the host list is used as the two-way cipher.

See also  How to make a kitchen blog that makes you money (in 5 steps)

For example, if two Ubuntu 14.04 LTS machines communicate with each other via SSH, they will use aes128-ctr as your default encryption.

Asymmetric Encryption

Unlike symmetric encryption, asymmetric encryption uses two separate keys for encryption and decryption. These two keys are known as the public key (public key) and the private key (private key). Together, these keys form the pair of public-private keys (public-private key pair).

The public key, as the name suggests, is openly distributed and shared with all parties. Although it is closely linked with the private key in terms of functionality, the private key cannot be calculated mathematically from the public key. The relationship between the two keys is highly complex: a message encrypted by a machine’s public key can only be decrypted by the same machine’s private key. This one-way relationship means that the public key cannot decrypt its own messages or decrypt anything encrypted by the private key.

The private key must remain private, that is, for the connection to be secure, no third party must know it. The strength of the entire connection lies in the fact that the private key is never revealed, as it is the only component capable of decrypting messages that were encrypted using its own public key. Therefore, any party with the ability to decrypt publicly signed messages must possess the corresponding private key.

Contrary to general perception, asymmetric encryption is not used to encrypt the entire SSH session. Instead, it is only used during the symmetric encryption key exchange algorithm. Before initiating a secure connection, both parties generate temporary public-private key pairs and share their respective private keys to produce the shared secret key.

Once a secure symmetric communication has been established, the server uses the clients public key to generate and challenge and transmit it to the client for authentication. If the client can successfully decrypt the message, it means that it contains the private key needed for the connection. And then the SSH session begins.

hashing

One-way hashing is another form of cryptography used in Secure Shell Connections. One-way hash functions differ from the previous two forms of encryption in that they are never meant to be cracked. They generate a single value of a fixed length for each entry that does not show a clear trend that can be exploited. This makes them virtually impossible to reverse.

It is easy to generate a cryptographic hash of a given input, but impossible to generate the input’s hash. This means that if a client has the correct input, they can generate the cryptographic hash and compare its value to verify if they have the correct input.

See also  How to Create a Minecraft Server? - Explanatory video

SSH uses hashes to verify the authenticity of messages. This is done using HMACs, or hash-based message authentication codes. This ensures that the received command is not altered in any way.

While the symmetric encryption algorithm is selected, a suitable message authentication algorithm is also selected. This works similar to how the cipher is selected, as explained in the symmetric cipher section.

Every transmitted message must contain a MAC, which is calculated using the symmetric key, the packet sequence number, and the content of the message. It is sent out of the symmetrically encrypted data as the final section of the communications packet.

How does the SSH protocol work with these encryption techniques?

The way SSH works is by using a client-server model to allow two remote systems to be authenticated and data passed between them to be encrypted.

SSH operates on TCP port 22 by default (although this can be changed if necessary). The host (server) listens on port 22 (or any other assigned SSH port) for incoming connections. It orchestrates the secure connection by authenticating the client and opening the correct shell environment if the verification is successful.

The client must initiate the SSH connection by initiating the TCP protocol with the server, ensuring a secure symmetric connection, verifying whether the identity displayed by the server matches previous records (typically recorded in an RSA keystore file), and presenting the credentials user IDs required to authenticate the connection.

There are two stages to establishing a connection: first, both systems must agree on encryption standards to protect future communications, and second, the user must be authenticated. If the credentials match, the user is granted access.

Session encryption negotiation

When a client tries to connect to the server via TCP, the server presents the encryption protocols and the respective versions that it supports. If the client has a similar pair of protocol and version, an agreement is reached and the connection with the accepted protocol is initiated. The server also uses an asymmetric public key that the client can use to verify the authenticity of the host.

Once this is established, the two parties use what is known as the Diffie-Hellman Key Exchange Algorithm to create a key…

Related posts:

  1. Looking for a WordPress comment plugin? We give you 9 alternatives
  2. What is a domain? – Explanatory video
  3. Buy And Register Web Domains |
  4. The 24 best sites to learn programming for free

Related Posts

Loading Facebook Comments ...
Loading Disqus Comments ...