Basic Workflow of SSH Connection

Basic workflow of SSH connection uses various techniques and algorithms to provide a secure and reliable connection between local client and remote server. SSH protocol uses symmetric encryption, asymmetric encryption and hashing in order to secure transmission of information. Basic fundamental workflow of SSH connection can be described below:

1. Initiation of connection from the client:

Connection starts when user initiated a SSH connection from the client side. The user specifies the username, host name ( or IP address) of the remote server from the SSH client. Example of the initiation of connection on a command line interface is given.

ssh username@hostname 

2. Server listens of connection:

The remote server listening for the incoming connection initiation from the SSH server software is configured to listen to a specific port. Typically, the default port for SSH is 22 and can also be configured to used different port for various security reasons.

The port number for such cases need to specified during the connection initiation process. Typical example of such cases is:

ssh username@hostname -p port_number

3. Verification of server:

Once, the client initiates a SSH connection with the server. Server listens to a default port 22 or any other ports. At that stage, the server identity is verified and SSH client provides two cases:

• If the client is accessing the server for the first time, client is usually asked to authenticate server manually by verifying the public key of the server.Once the key is verified, the server is added in known_hosts file in ~/.ssh directory on client machine. The known_hosts file contains the information about all the verified servers by the client.
• If the client is not accessing the server for the first time, the server’s identity is matched with previously recorded information in known_hosts file for verification.

4. Key Generation and Exchange:

• Upon successful authentication, a key generation process happens between the client and the server. This process establishes both the parties negotiate a session key using a version of the Diffie-Hellman algorithm. This algorithm is designed in such a way that both the parties contribute equally in generation of session key. The generated session key is shared symmetric key i.e. the same key is used for encryption and decryption.

5. File Transfer:

Once the key exchange process is completed, the user can executes command on the remote server terminal or perform file transfer using protocols like SCP (Secure Copy Protocol) or SFPT ( Secure File Transfer Protocol).

6. Session Closure:

Once the transfer of data and other information completes and the user is done with the SSH session, they can close the terminal which ensures no sensitive data is left vulnerable.

SSH, also known as Secure Shell, is a commonly used method for securely sending commands to a computer network over an unsecured computer network. It uses a cryptographic network protocol for authenticating and encrypting connections between devices. SSH allows for tunneling, or port forwarding, which allows the transfer of data packets across networks. It was developed as a replacement for other unsecured and vulnerable protocols like telnet for seamless solutions for remote access, file transfer, and command-line execution.

SSH operates generally on a client-server architecture, in which a server program accepts or rejects incoming connections, and a client program requests the server for information. Typically, the default port of SSH is 22.

SSH uses public key cryptography to authenticate the remote computer, or, if necessary, allows it to authenticate the server. When a public-private key is generated by the user, authentication is performed when the key pair is generated, and the session will be opened with any password input from the client.