SSH basic concepts: an introduction to SSH

1. Basic concepts of SSH

 

SSH (Secure Shell) is a network protocol for transmitting data securely over an insecure network. It is an encrypted protocol that protects data from being stolen, tampered with, or forged while in transit. The SSH protocol was originally developed by Tatu Ylönen of Finland and has since become a standard network protocol.

①. The composition of the SSH protocol

The SSH protocol consists of three parts: the transport layer protocol, the user authentication protocol, and the connection protocol.

Transport layer protocol: The transport layer protocol is the core of the SSH protocol. It is responsible for encrypting and decrypting data and for ensuring the integrity and confidentiality of data during transmission. It uses encryption algorithms such as DES, 3DES, and AES, and message authentication code algorithms such as HMAC and MD5.

User authentication protocol: The user authentication protocol verifies the identity of users so that only authorized users can access the system. It supports multiple authentication methods, such as password authentication, public key authentication, and Kerberos authentication.

Connection protocol: The connection protocol is used to establish and maintain SSH connections. The connection protocol supports multiple connection methods, such as TCP connection, UDP connection, etc.

2. Working principle of SSH

 

The working principle of the SSH protocol can be divided into four phases: version negotiation phase, algorithm negotiation phase, key exchange phase, and session interaction phase.

①. SSH version negotiation phase (determines whether version 1 or version 2 is used)

 

The version negotiation phase of the SSH protocol is performed before the connection is established. The client sends a version request to the server, and the server replies with a version response. The client and server then decide which version of the SSH protocol to use based on the version number in the version response.

②. Algorithm negotiation stage

 

After the version negotiation phase, the client and server negotiate algorithms. The purpose of algorithm negotiation is to determine the encryption algorithm, the message authentication code algorithm, and the compression algorithm. The client and server choose the algorithms to use from those that both sides support.
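The version and algorithm negotiation described above can be checked from the defender's side. This added example (not code from the original article) parses an identification string in the RFC 4253 format, applies the RFC 4253 rule that the first algorithm on the client's list that the server also offers is chosen, and flags legacy offers. The function names, the `WEAK` set, and the sample banner and lists are constructed for illustration, and the real protocol negotiates separate lists per direction, which is collapsed to one here.

```python
import re

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments CR LF"
BANNER_RE = re.compile(r"^SSH-(\d+\.\d+)-(\S+)(?: (.*))?$")

def parse_banner(line):
    """Return (protoversion, softwareversion, comments)."""
    m = BANNER_RE.match(line.rstrip("\r\n"))
    if not m:
        raise ValueError("not an SSH identification string")
    return m.group(1), m.group(2), m.group(3)

def usable_versions(proto):
    """Protocol versions that a server's protoversion field permits."""
    if proto == "1.99":  # RFC 4253 section 5.1: server speaks both 1.x and 2.0
        return {1, 2}
    if proto == "2.0":
        return {2}
    return {1} if proto.startswith("1.") else set()

def negotiate(client_list, server_list):
    """First name on the client's list that the server also offers."""
    for name in client_list:
        if name in server_list:
            return name
    return None  # no algorithm in common: the connection cannot proceed

# Legacy algorithm names to flag; an illustrative set, not exhaustive.
WEAK = {"3des-cbc", "arcfour", "hmac-md5", "hmac-md5-96"}

def audit(banner, client, server):
    proto, _software, _comments = parse_banner(banner)
    chosen = {k: negotiate(client[k], server[k]) for k in client}
    findings = []
    if 1 in usable_versions(proto):
        findings.append("server accepts SSH protocol version 1")
    findings += [f"{k}: server offers {n}"
                 for k in server for n in server[k] if n in WEAK]
    return chosen, findings

# Constructed sample data, not captured from a real server.
BANNER = "SSH-1.99-ExampleSSH_1.0 lab host\r\n"
CLIENT = {"cipher": ["aes256-ctr", "aes128-ctr"],
          "mac": ["hmac-sha2-256", "hmac-sha1"], "compression": ["none", "zlib"]}
SERVER = {"cipher": ["3des-cbc", "aes128-ctr"],
          "mac": ["hmac-md5", "hmac-sha1"], "compression": ["none"]}

if __name__ == "__main__":
    print(audit(BANNER, CLIENT, SERVER))
```

The findings describe what the server offers, not only what this client ended up with, because a different client could still negotiate the legacy entries.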

③. Key exchange stage

 

After the algorithm negotiation phase, the client and server exchange keys. The purpose of the key exchange is to generate session keys for use during the session interaction phase. During the key exchange, the client and server negotiate which key exchange algorithm to use and use that algorithm to generate a session key.

④. User authentication stage

 

After the key exchange phase, the client and server perform user authentication. The purpose of user authentication is to verify the user's identity to ensure that only authorized users can access the system. During the user authentication process, the client sends user credentials to the server, and the server verifies the user's identity based on the credentials.

⑤. Session interaction stage

 

After the user authentication phase, the client and server enter the session interaction phase. During the session interaction phase, the client and server will use the session key to encrypt and decrypt data and perform data transmission.

Summary

The SSH protocol is a secure network protocol that can protect the confidentiality, integrity, and reliability of data during transmission. The SSH protocol consists of three parts: transport layer protocol, user authentication protocol and connection protocol. The working principle of the SSH protocol can be divided into version negotiation phase, algorithm negotiation phase, key exchange phase, and session interaction phase. In the SSH protocol, user authentication is a very important part, which can ensure that only authorized users can access the system.


Origin blog.csdn.net/weixin_74021557/article/details/131239142