SSH Encryption: Difference between revisions

Secure Shell (SSH) is a cryptographic network protocol meant to secure communications over an insecure connection between network devices. One of the ways SSH does this is by using a hybrid approach between asymmetric public/private key- and symmetric cryptography. SSH is most commonly used as a means for secure remote login and command execution, often in the context of a client-server interaction, but is also often used for authentication and in file transfers protocols (SFTP / SCP).

This article will discuss and explore, among other things, the possible ways of creating SSH-keys, the underlying methods of encryption and some general best practices concerning interactions with servers and ssh key management. It is therefore complementary to the article: "SSH for beginners"

Introduction

To understand how communications are encrypted in SSH we first need to understand some basic terms and concepts. The difference between asymmetric and symmetric cryptography is a good place to start.

Symmetric vs Asymmetric

Symmetric cryptography is something probably most people are and have been familiar since their youth. An example: The alphabet has 26 characters and we assign each position a number (a='1', b='2' etc.), then we proceed to "shift" each character for n steps down this sequence. If we take n=1 for example, so that each letter gets "bumped up" one value. This gives: z='1', a='2', b='3' etc). This algorithm is called ROTn and n would be both the key to encrypt and to decrypt the message (hence the name 'symmetric').

RSA vs EdDSA

Server Side

See Also

References

External Links

Other Details

Author: Frank Korving

Last Modified: 21.02.2017