Explanation of SSH

Date: 06/26/04

Date: Sat, 26 Jun 2004 12:30:53 +0100

Having looked at the July issue of Computer Shooper (UK) magazine,
page 269, I am still unclear on how SSH works exactly. I have googled
and have not found a clear explanation.

Please either point me to a web page; or enable my understanding of
the following; or even both.

Steps in SSH connection setup;
1. Client issues SSH command and names server
2. "Shopper" says "server sends back its public host and server keys
to client". You what? Surely there is only one public key it sends
back, and "host and server keys" means just one public key?
3. Client adds server key(s?) to its knownhosts file if it isn't there
4. Shopper says, "Client generates 256 bit random number which it
encrypts using server and client public keys." What is the 256 bit
random number? Is this the client's private key? How do you get client
private and public keys, are they randomly generated once for each SSH
client installation, or are new client public/private keys generated
each time SSH is run?
5."Both the client and server then use this number to generate private
session keys".... you what? Why do you need private session keys if
the server only has one private key always, and the client already has
a public/private key pair from step (4)?

Other questions;
I have to login to my SSH provider using loginname/password. Do those
relate at all to the encryption element of the SSH transaction, ie. is
the username/password somehow a passphrase unlocking the private key
from the encrypted private key which the server stores; or is
username/password simply login authentication with no encryption

Is it the case that the encrypted SSH link is established first, and
then username/password are transferred over the encrypted link? So if
an attacker is watching the link, is the username apparent to them, or

Is client public key generated afresh each time SSH runs, or is it
generated just the once and then the same client public/private key
used for all time?

Sorry for all the questions, I'm curious how all this works and would
like some clarity.

Relevant Pages

  • [Full-disclosure] [GOATSE SECURITY] Clench: Goatses way to say "screw you" to certificate author
    ... Application layer authentication-inherent validation of public key ... Goatse Security’s new simple password-based authentication mechanism ... getting hundreds of thousands or millions of users to install a client ... client hashes locally and then sends the hash to the server. ...
  • Re: Explanation of SSH
    ... I am still unclear on how SSH works exactly. ... Client issues SSH command and names server ... "Shopper" says "server sends back its public host and server keys ... Surely there is only one public key it sends ...
  • [NT] Dark Age of Camelot Man-In-The-Middle
    ... use of RSA public key cryptography and an RC4 based symmetric algorithm. ... Seeing the imminent release of code for cracking the game client (which ... At the beginning of each TCP session, the server sends a 1536 bit RSA ... void bytes_out(unsigned char *data, int len) ...
  • Re: Debian SSH server configuration
    ... I would like to configure a Debian server to only allow clients to ssh ... I don't want any client computers to be able to ssh into ... It sounds like what you are asking for is host based authentication, ... where the server check to make sure that it has the host public key ...
  • Re: ssh security question
    ... In my case - the client is a windows client and the ssh is embedded into the windows nx client. ... Is there any reason I can't run ssh-keygen on the server and copy the private key to the client - and the public key to the "authorised" directory? ... sniffer can catch your passwords, and it would make it trivial to log in ...