I need to set up an SFTP client. The problem I am facing is that the SFTP client library I am using does not support the host key algorithm supported by the SFTP server. Basically, I am talking about public key authentication here. My SFTP server would send me a key generated with EC and my client would send a key generated as an RSA key. Will these keys be used for anything else after authentication? Note: I am using Renci.Ssh.Net as the client library.

alinizam

1 Answer

(After Q edit)

In SSHv2 (the only one anyone still uses) yes, both the (selected) host key and the client key if any are used only for authentication; the client software must support receiving (and verifying) the host's key type (in your example EC) and the host software must support receiving the client's key type (RSA).

The session key is created using ephemeral Diffie-Hellman (including ECDH or X25519 in modern systems) not the user-visible 'pubkey' files and algorithms, and the two data ciphers (and MACs if applicable) are negotiated separately and use working keys (and IVs if applicable) derived from the session key.

This is mostly described in RFC 4253 especially 6.5, 6.6, and 7. Some options are in other RFCs; see https://en.wikipedia.org/wiki/Secure_Shell#Standards_documentation or http://www.openssh.com/specs.html .

dave_thompson_085
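The working-key derivation from RFC 4253 section 7.2 that the answer refers to, written out as an added example (not part of the original answer). The only secret input is the ephemeral shared secret K; no long-term private key appears. K, H and the negotiated sizes are constructed sample values.

```python
import hashlib
import struct

# Letters assigned by RFC 4253 section 7.2 to each working key / IV.
LABELS = {
    "iv_c2s": b"A", "iv_s2c": b"B",
    "enc_c2s": b"C", "enc_s2c": b"D",
    "mac_c2s": b"E", "mac_s2c": b"F",
}

def mpint(n: int) -> bytes:
    """Encode a non-negative integer as an SSH mpint (RFC 4251 section 5)."""
    if n == 0:
        return struct.pack(">I", 0)
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if raw[0] & 0x80:  # leading zero byte keeps the value positive
        raw = b"\x00" + raw
    return struct.pack(">I", len(raw)) + raw

def derive_key(K, H, letter, session_id, length, hash_name="sha256"):
    """HASH(K || H || letter || session_id), extended with HASH(K || H || K1 || ...)."""
    prefix = mpint(K) + H
    out = hashlib.new(hash_name, prefix + letter + session_id).digest()
    while len(out) < length:  # the cipher or MAC needs more than one hash block
        out += hashlib.new(hash_name, prefix + out).digest()
    return out[:length]

def derive_all(K, H, session_id, iv_len, enc_len, mac_len):
    """Derive all six working values for one key exchange."""
    sizes = {"iv": iv_len, "enc": enc_len, "mac": mac_len}
    return {name: derive_key(K, H, letter, session_id, sizes[name.split("_")[0]])
            for name, letter in LABELS.items()}

# Constructed sample values: in a real session K comes from the ephemeral
# (EC)DH exchange and H is the exchange hash that the host key signs.
SAMPLE_K = int.from_bytes(hashlib.sha256(b"constructed shared secret").digest(), "big")
SAMPLE_H = hashlib.sha256(b"constructed exchange hash").digest()

if __name__ == "__main__":
    # Assumed negotiation: aes256-ctr (16-byte IV, 32-byte key) with
    # hmac-sha2-512 (64-byte key). session_id is H of the first key exchange.
    keys = derive_all(SAMPLE_K, SAMPLE_H, SAMPLE_H, 16, 32, 64)
    for name, value in keys.items():
        print(f"{name:8s} {len(value):2d} bytes  {value.hex()[:32]}...")
```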