Grid Guides

Understanding the SSH Encryption and Connection Process


Introduction

SSH uses encryption keys to encrypt the whole connection. The public/private asymmetric key pairs are used for authentication, not for encrypting the connection.

The client and server both take part in generating this key, and the resulting secret is never shared with other parties; it must stay secret. The key is generated through a process known as a key exchange algorithm. This exchange gives the client and the server the same key, which each side computes independently. The process is discussed further below.

The symmetric encryption key is session-based and is generated to encrypt the data sent between client and server. Once it is established, all data is encrypted with this shared secret. This is done before the client is authenticated.

Symmetrical Encryption

Symmetric encryption is a process in which server and client use the same secret key for both encryption and decryption of data. It is also called shared key or shared secret encryption. Usually only one key is used, or sometimes a pair of keys where one can be calculated from the other. In SSH sessions, symmetric keys are used for the communication between client and server. Both client and host obtain the secret key using an agreed method, and the resulting key is never revealed to anyone else. The symmetric key is created by a key exchange algorithm.

Once this key is created, the data packets travelling between the two machines are encrypted with it. This includes the password a user enters for password-based access, so the user's details are protected while they cross the network.

Asymmetrical Encryption

Asymmetric encryption differs from symmetric encryption in that two keys are required: one is a public key and the other is a private key.

The public key can be shared freely with other parties. It is mathematically connected to its paired private key: the public key can be used to encrypt data that is then decrypted by the private key. This means the public key is not able to decrypt data that is encrypted by the private key.

The private key must be kept secret and never shared with other clients or servers; the public key paradigm (a model of something) depends on this to work. Messages encrypted with the associated public key can be read only by decrypting them with the private key.

SSH uses asymmetric encryption in a few different places. During the initial key exchange process, asymmetric encryption is used to set up the symmetric encryption. Both parties build temporary key pairs in order to generate the shared secret that is used for symmetric encryption.

Symmetric encryption is then established between server and client so that they can communicate securely. To authenticate a client, the server must hold the client's public key, which it uses to encrypt a message to the client. If the client can decrypt the message, it proves that it owns the private key.
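The key exchange with temporary key pairs described above, as an added example that is not part of the original guide. It uses classic Diffie-Hellman over a toy 127-bit prime, and a single SHA-256 call stands in for SSH's real key derivation; the group parameters and function names are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy group (assumption, for illustration only): a 127-bit Mersenne prime.
# Real SSH uses MODP groups of 2048 bits or more, or elliptic curves.
P = 2**127 - 1
G = 3

def make_ephemeral_keypair():
    """Temporary key pair: private exponent x and public value G^x mod P."""
    private = secrets.randbelow(P - 3) + 2      # 2 <= x <= P-2
    return private, pow(G, private, P)

def derive_session_key(own_private, peer_public):
    """Combine our private value with the public value received from the peer."""
    # Reject degenerate values that would force a predictable shared secret.
    if not 1 < peer_public < P - 1:
        raise ValueError("peer public value out of range")
    shared = pow(peer_public, own_private, P)
    # Hash the shared secret down to a 32-byte symmetric session key.
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def run_exchange():
    client_priv, client_pub = make_ephemeral_keypair()
    server_priv, server_pub = make_ephemeral_keypair()
    # Only client_pub and server_pub cross the network; the private
    # values and the resulting key never leave their own machine.
    client_key = derive_session_key(client_priv, server_pub)
    server_key = derive_session_key(server_priv, client_pub)
    return client_key, server_key

if __name__ == "__main__":
    client_key, server_key = run_exchange()
    print("keys match:", client_key == server_key)
    print("session key:", client_key.hex())
```

Each run produces a fresh key because the key pairs are temporary, which is why a key from one session does not help decrypt another.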

Hashing

A hash function maps data of arbitrary size to data of fixed size. The values returned by a hash function are called hash values, hash codes, digests, or simply hashes.

Cryptographic hashing is another form of data manipulation used in SSH. Hashing is a cryptographic method for converting data of one kind into string data of another kind. The function is designed to be one-way: if you feed data into a hashing algorithm, it generates a different string.

Hashing is a mathematical operation that is very simple to perform but cannot be reversed. This is the significant difference between hashing and encryption: encryption can be reversed ("decryption") by using a specific key.

Hashes are used to check data integrity and to authenticate communication. The primary use in SSH is with HMAC (hash-based message authentication code), a mechanism that calculates a MAC using a hash function combined with a secret key. With it, the integrity and authenticity of the data can be verified.

After the encryption is negotiated, every message must contain a MAC so that the other party can verify packet integrity. The MAC is calculated from the symmetric shared secret, the message, and the packet sequence number.

The MAC itself is sent as the final part of the packet, after the symmetrically encrypted area. Users mainly choose methods that encrypt the data first and then calculate the MAC.
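The per-packet MAC described above, as an added example that is not part of the original guide. It follows the encrypt-first, MAC-second ordering and shows the receiver rejecting a modified packet and a replayed one; HMAC-SHA256, the function names and the sample bytes are assumptions chosen for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = hashlib.sha256().digest_size  # 32 bytes

def _mac(mac_key: bytes, seq: int, ciphertext: bytes) -> bytes:
    # The sequence number is a 32-bit counter each side keeps locally;
    # it is mixed into the MAC but never sent on the wire.
    header = struct.pack(">I", seq & 0xFFFFFFFF)
    return hmac.new(mac_key, header + ciphertext, hashlib.sha256).digest()

def seal(mac_key: bytes, seq: int, ciphertext: bytes) -> bytes:
    """Sender: place the MAC after the encrypted area, as the last part."""
    return ciphertext + _mac(mac_key, seq, ciphertext)

def open_packet(mac_key: bytes, expected_seq: int, packet: bytes):
    """Receiver: return the ciphertext if the MAC verifies, else None."""
    if len(packet) < TAG_LEN:
        return None
    ciphertext, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = _mac(mac_key, expected_seq, ciphertext)
    # compare_digest avoids leaking how many leading bytes matched.
    return ciphertext if hmac.compare_digest(tag, expected) else None

def demo() -> dict:
    # Constructed sample values: a fixed key and opaque "ciphertext" bytes
    # standing in for the output of the session cipher.
    key = bytes(range(32))
    ciphertext = bytes.fromhex("8f3a1c55e07b42d9a6104cbb2e9d7731")
    packet = seal(key, 0, ciphertext)
    flipped = bytes([packet[0] ^ 0x01]) + packet[1:]
    return {
        "valid": open_packet(key, 0, packet) == ciphertext,
        "tampered": open_packet(key, 0, flipped) is None,
        # The receiver has moved on to sequence number 1, so a copy of
        # packet 0 no longer verifies.
        "replayed": open_packet(key, 1, packet) is None,
        "wrong_key": open_packet(b"\x00" * 32, 0, packet) is None,
    }

if __name__ == "__main__":
    print(demo())
```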

How SSH Works Using Encryption Methods

SSH (Secure Shell) works by making a connection between client and server that allows the two systems to authenticate and encrypts the data that passes between them. It operates by default on TCP port 22. The server listens on port 22 for incoming connections. It sets up the secure connection by authenticating the client and opening a suitable environment for it.

The client starts the connection by initiating the TCP handshake with the server in order to set up the secure path. It then verifies that the server matches its previous records and presents the user details required to make the connection.

A connection is established in two stages. First, both sides agree on the encryption to use, to secure future communication. Second, the user must authenticate. If the details match, access is allowed.

SSH Encryption Negotiation

When a client connects to the server over TCP, the server responds with the encryption protocols and versions that it supports. If both sides support the same protocol and version, they agree to continue with the selected protocol. If the server also provides its asymmetric public key, the client can use it to check that it is connected to the expected server.

An Authenticating Process of the User

The final stage before the user gets access to the server is authenticating the user's details. Most SSH users use a password for this. The user is prompted for an ID and password, and these details are sent securely through the symmetrically encrypted connection, so there is no way for another user to access them.

Even though passwords are encrypted, using passwords to make connections is not recommended. Many hackers gain access through default passwords and then access your accounts directly. In such situations, SSH key pairs are recommended.

Conclusion

Finally, SSH works by using the encryption methods described above.