Secure Shell (SSH)

Allows a terminal or client to connect to a host terminal with data encrypted as it traverses the network.

• Protocol: TCP
• Port: 22
• Replaced telnet
• SSH servers use public-key cryptography and challenge-response authentication.

Process:

1. Server sends public key to client
2. After the client receives the key, it creates a session ID and encrypts it with the public key.
3. The server decrypts the session ID and uses it in all data transfers going forward.
   • Only the server and client know the session ID
4. SSH server requests username and password to authenticate the client.
   • In addition to usernames and passwords, SSH servers can also use public keys to identify clients. A pair of RSA or DSA (Digital Signature Algorithm) keys are created and the public key is copied to the server.

SSH Keys

SSH key management.

• https://wiki.archlinux.org/title/SSH_keys
• https://www.funtoo.org/OpenSSH_Key_Management,_Part_1
• https://www.funtoo.org/OpenSSH_Key_Management,_Part_2
• https://www.funtoo.org/OpenSSH_Key_Management,_Part_3

Secure SSH.

• https://stribika.github.io/2015/01/04/secure-secure-shell.html