I type ssh -p xxx kyungyunlee@someserver.school.com almost everyday. I also use port forwarding and SCP often. I use it only because google told me to do it that way, when working with a remote machine, but I had no idea what these command meant and what they was doing for me. So, I searched a bit, just enough to serve my curiousity.

Agenda

  • What is SSH (secure shell)

  • Major usage

  • History of SSH

  • Why is it secure? How?

What is SSH?

SSH is a cryptographic network protocol that helps users to securely connect to a machine over an unsecure network.

It was developed to be a replacement of other protocols and programs like Telnet, rlogin, FTP and rsh. I am guessing the major drive and the success of SSH is with the rise of internet. Nowadays, major servers (Unix, Linux, Mac) provide SSH by default.

SSH is a client-server model: if you are trying to login to a remote machine at work, your local computer is the client and that remote machine is the server/host. It ensures security through authentication and data encryption process.

What are some major usages of SSH?

  • Operating and managing a remote server

  • Tunneling

  • Port forwarding

  • X11 connections

History of SSH

Tatu Ylonen from Helsink University of Technology created SSH back in 1995, motivated by some password-sniffing attack that happened at his university. The number of users grew quickly, reaching 2 million by year 2000. SSH we know now is the version 2.x, SSH-2.

There is also an OpenSSH, which is a free software version of SSH.

What is secure?

When sending data over a network, SSH encrypts them so that no one else can watch what you are sending. Telnet, for instance, sent data in plain text, so it would be extremely easy to packet sniffer and steal whatever was in your data.

When using Telnet, the evil man-in-the-middle can steal your info.

Random-8 2 copy

When using SSH, the evil monster won’t know how to read the info.

Random-8 2

Data is segmented and wrapped into packets before sending over the network. Diagram below shows the original and encrypted packet. Packet length is the literal size of the packet in bytes, padding amount is the size of padding, payload is the actual data, padding is random bytes that are added to make it harder to locate data (just in case) and message authentication code tells you if the data is still valid or if it has been ruined.

Random-14

So how does all the encryption work?

To start a SSH session, client initiates the TCP connection to the server. SSH server is listening to any requests on port 22 (default). There are 2 things that needs to be done in order to create a valid SSH session. First, the client and the server needs to create a secret channel that will not be eavesdropped by others. Next, the server needs to authenticate the user’s access to its resources.

1. Opening a secret channel

To send data safely, we need a secret channel that only the client and the server can use with an identical symmetric key for data encryption. But how can the client and the server share a secret key in the first place? Obviously, naively sending the secret key over a network is not safe. Therefore, a really smart key exchange algorithm is used to not actually send key to each other, but make one together. This algorithm is called Diffie-Hellman key exchange algorithm. Below is an analogy with color mixing. In reality, multiplicative group of integers modulo n is used.

Random-19 2

As long as the client and the server (Kitty and Pingoo) keep their private keys safely, it is almost impossible for the Bad guy to make the secret key. The highlight of this algorithm is that it is very difficult to “unmix” the already mixed colors.

2. Authenticate the client

It is not enough to just encrypt the data. What if the client is some imposter? The server must check if the client is trustable before allowing the client to do anything. It can be done by simply asking the client for a password or even a more advanced/better option is to use SSH key-pairs (asymmetric encryption).

Both client and the server has a public and a private key-pair. In order to use this type of authentication method, the client should have sent its public key to the server. When times comes and the client tries to connect, the host will identify the client and use its specific public key to encrypt a secret message and send it to the client as a quiz. Since the client can decrypt the message with its private key, the server will know that the client is verified. A common algorithm is RSA.

Generating_an_SSH_key_with_ssh-keygen

(Img taken from ssh.com website)

References

  • https://levelup.gitconnected.com/what-is-ssh-103f89e3e4b8

  • https://www.comparitech.com/blog/information-security/ssh-encryption
  • https://www.ssh.com/ssh/protocol/https://www.youtube.com/watch?v=ORcvSkgdA58
  • https://www.freecodecamp.org/news/a-top-down-introduction-to-ssh-965f4fadd32e/
  • https://www.digitalocean.com/community/tutorials/understanding-the-ssh-encryption-and-connection-process