This is a brief explanation of my understanding of the SSH1 protocol
authentication. I'm referring to the authentication that is done between
the client and the Server before the user types in a password or .rhosts
authentication occurs.
Can someone provide us with a similar explanation for the SSH2 protocol
authentication between the Server and the client?
Explanation of the authentication process when the SSH1 protocol is used:
1. First a user types: ssh servername.ca
In Unix/Linux the client computer reads the ~user/.ssh/config and the
/etc/ssh/ssh_config files.
(Each client has a 1024 bit key to identify itself, and each Server uses an
RSA key of 768 bits that is stored in memory and is regenerated by the
Server every hour it is used or when the sshd daemon starts.)
2. First the Server uses the RSA cipher algorithm and sends:
Server Public Key + Client Public Key which is stored on the server
/etc/ssh_known_hosts
(Client Public key was already on the Server since it was placed there
during the very first connection to the Server.)
3. Now the client checks the Server Public Key against the one in its own
list of ssh_known_hosts, and if
it's a match then we know it's the same Server. (This prevents Spoofing.)
4. The client then generates a 256 bit random number and encrypts this
random number and the client's public key using the Server public key.
This encrypted number is then sent to the server, and only the Server can
decrypt it using its private key.
5. Then the Server sends this decrypted number back, but encrypts it with the
client's public key. When the client receives the same decrypted number
back, then it knows it's talking to the Server.
6. Now both sides use this random number as a session key to encrypt all
the communication during the connection.
7. Once the host is authenticated, the user authenticates himself by
exchanging an encrypted User ID and Password. The .rhosts authentication
is disabled by default on the Server, since it is insecure. The Server can
be configured using command line options which will override the config
file.
After a connection is established the rest of the session is encrypted
using the default cipher IDEA, which is very secure.
Thanks,
ARTHUR
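As an added illustration (not part of ARTHUR's post), here is a small Python model of steps 3 and 4 as listed above: the client checks the presented host key against its known_hosts record and only then encrypts a 256-bit session key to that key. The RSA is textbook with no padding and a toy key generator, and the fingerprint format is an assumption made for the example; it shows why the known_hosts match matters, not how sshd implements it.

```python
import hashlib
import secrets

def is_probable_prime(n, rounds=32):
    """Miller-Rabin test, used only for the toy RSA key generation below."""
    if n < 4:
        return n in (2, 3)
    r = ((n - 1) & -(n - 1)).bit_length() - 1  # trailing zero bits of n-1
    d = (n - 1) >> r
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand

def rsa_keygen(bits=768, e=65537):
    """Toy RSA pair ((n, e), (n, d)); 768 bits like the server key in the post."""
    while True:
        p, q = gen_prime(bits // 2), gen_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            return (p * q, e), (p * q, pow(e, -1, phi))

def fingerprint(pub):
    """What the known_hosts entry stores for a host key (constructed format)."""
    return hashlib.sha256(f"{pub[0]}:{pub[1]}".encode()).hexdigest()

def client_verify_host(known_hosts, hostname, presented_pub):
    """Step 3: accept the host only if its key matches the one recorded on first contact."""
    return known_hosts.get(hostname) == fingerprint(presented_pub)

def client_session_key(server_pub):
    """Step 4: 256-bit random session key, encrypted to the verified server key."""
    k = secrets.randbits(256)
    return k, pow(k, server_pub[1], server_pub[0])  # textbook RSA, no padding

def server_recover(server_priv, ciphertext):
    # Only the holder of the private key can recover the session key.
    return pow(ciphertext, server_priv[1], server_priv[0])
```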