The SSH Book

How to generate SSH public/private keys

$ ssh-keygen -t rsa -b 4096 -C "debugme@hotmail.com"

How to log in to a remote machine (that holds your public key) using SSH

$ ssh username@hostname

How does SSH work?

SSH makes use of symmetric encryption, asymmetric encryption and hashing.

Symmetric encryption is when you use a secret key for both encrypting and decrypting data. The sender and the receiver of the data both have access to a copy of the same key. This allows the sender to encrypt data and the receiver to decrypt data.

A key exchange algorithm (KEA) provides a secure way to derive the secret key from pieces of public data. The secret key itself is never transmitted from one point to another. The key exchange is accomplished through the use of asymmetric encryption. Once each computer has received the public key from the other computer, it combines its own private key with the received public key to derive a new key. This new key is identical on both computers and is generated by the Diffie-Hellman key exchange algorithm. It is used for symmetric encryption of the data exchanged between the two computers during the SSH session and is destroyed once the SSH session ends.
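The exchange described above, as an added example that is not part of the original page: two parties swap only public values, derive the same symmetric key, reject degenerate public values, and discard the secret when the session ends. The modulus `P`, base `G`, the `Party` class and the SHA-256 derivation are assumptions chosen for a short demonstration, not the groups or key derivation a real SSH session negotiates.

```python
import hashlib
import secrets

# Demonstration parameters (assumption): the Mersenne prime 2**521 - 1 and base 3.
P = 2**521 - 1
G = 3


class Party:
    """One end of the exchange; the private value never leaves this object."""

    def __init__(self):
        self._private = secrets.randbelow(P - 3) + 2   # random value in [2, P-2]
        self.public = pow(G, self._private, P)         # the only value sent

    def session_key(self, peer_public):
        if self._private is None:
            raise RuntimeError("session ended, key material discarded")
        # Reject degenerate values (0, 1, P-1, out of range) that would
        # force a predictable shared secret.
        if not 2 <= peer_public <= P - 2:
            raise ValueError("invalid peer public value")
        shared = pow(peer_public, self._private, P)
        # Hash the shared secret down to a 32-byte symmetric key.
        return hashlib.sha256(shared.to_bytes(66, "big")).digest()

    def close(self):
        self._private = None   # drop the reference to the secret at session end


def run_exchange():
    """Return (client_key, server_key, values_sent_over_network)."""
    client, server = Party(), Party()
    wire = [client.public, server.public]   # everything an observer sees
    client_key = client.session_key(server.public)
    server_key = server.session_key(client.public)
    client.close()
    server.close()
    return client_key, server_key, wire


if __name__ == "__main__":
    ck, sk, wire = run_exchange()
    print("keys match:", ck == sk)
    print("values on the wire:", len(wire), "(public values only)")
```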

Asymmetric encryption is when you have a pair of keys, one private and the other public. The private key is never shared and is used to encrypt data for transmission or decrypt data for reception. The public key can be made available to anyone, who can use it to encrypt data for transmission or decrypt data for reception. Data encrypted by one key in the pair can only be decrypted by the other key in the pair.
