From what I've read, I was able to deduce a number of steps, but I am not sure if they cover all actions or if they are 100% correct.

Initial setup for client

  1. Enables ssh service

Initial setup for server

  1. Installs an ssh-server that will provide a public/private key pair, which will be the server's identity

  2. Now it will listen on port 22 for connections (if you don't configure another port)

Server authentication

  1. The client sends a TCP hello on port 22 and the server replies with its public key.
  2. The client checks the key in the ~/.ssh/known_hosts file, if it's not there, it asks the user if he validates this key. If the user says yes, the key is registered in that file and the server becomes trusted.

Key generation

  1. Client validates the server's key and sends an OK to the server.
  2. The server replies with a list of known protocols to calculate the symmetric key.
  3. The client chooses one.
  4. The Diffie–Hellman key exchange method is used to calculate the key. All the steps from now on are encrypted.

Client authentication

  1. The server asks for client identity.
  2. The client sends the user it wants to connect to.
  3. The server asks for the password.
  4. If the client sends the password, it is simple, but if the client has configured key authentication it sends the ID of the key he wants to connect with. I imagine this ID is sent back to the client after ssh-copy-id but I don't know where this is stored.
  5. The server checks the authorized_keys file for the ID and key of that ID.
  6. If not found, I guess it asks for the password. But if found, it generates a random number, encrypts it with the found key and sends it to the client.
  7. The client decrypts and combines the random number with the symmetric key, hashes it and sends the value to the server.
  8. The server does the same operations and compares the client's value with its own.
  9. The server sends fail or success.

Are the steps correct and in the right order? Also, I am not sure where the client stores the information about key-pair authentication set for a certain server and the ID of that pair. Why aren't steps 5 and 6 encrypted client side to hide a part of the information? What is the purpose of the private key for the server if it isn't used, or is it?

EDIT: Why doesn't the client generate a symmetric key on its own, encrypt it with the server's public key and send it, like in HTTPS?
