|SSH: Secure Shell|
- What is SSH?
sshd (SSH Daemon) is the daemon program for ssh(1). Together these programs replace rlogin and rsh, and provide secure encrypted communications between two untrusted hosts over an insecure network.
Each host has a host-specific RSA key (normally 1024 bits) used to idenify the host. Additionally, when the daemon starts, it generates a server RSA key (normally 768 bits). This key is normally regenerated every hour if it has been used, and is never stored on disk.
Whenever a client connects the daemon responds with its public host and server keys. The client compares the RSA host key against its own database to verify that it has not changed. The client then generates a 256 bit random number. It encrypts this random number using both the host key and the server key, and sends the encrypted number to the server. Both sides then use this random number as a session key which is used to encrypt all further communications in the session. The rest of the session is encrypted using a conventional cipher, currently Blowfish or 3DES, with 3DES being used by default. The client selects the encryption algorithm to use from those offered by the server.
More information can be found by reading the sshd(1) and ssh(1) man pages.
- Using SSH(on a UNIX client).
Using SSH is like using telnet. Usage: ssh [-l login_name] [hostname]
The first time a client(host) connects to the server, it will be given the opportunity to add the server's fingerprint to the list of known hosts. Answering "yes" will add the fingerprint and subsequent connections will go directly to the login/password authentication process.
Example session - user pat connecting to ssh.cabm.rutgers.edu
[pat@raven /pat]# ssh -l pat ssh.cabm.rutgers.edu
The authenticity of host 'ssh.cabm.rutgers.edu (188.8.131.52)' can't be established.
RSA key fingerprint is ef:a1:f0:01:93:d1:94:26:ab:98:0a:cf:91:3a:44:93.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ssh.cabm.rutgers.edu,184.108.40.206' (RSA) to the list of known hosts.
Last login: Fri Jun 29 14:12:18 2001 from :0
- More on SSH and where to get SSH clients for various operating systems.
[ Top of Page | Main Page ]