Description

This article is from the SSH - Secure Shell FAQ, by Thomas Koenig Thomas.Koenig@ciw.uni-karlsruhe.de with numerous contributions by others.

2.5. How does it work? (SSH (Secure Shell))

For more extensive information, please refer to the README and RFC
files in the ssh directory. The proposed RFC is also available as an
Internet Draft from ftp://ftp.ietf.org/internet-drafts/draft-ietf-tls-
ssh-00.txt.

All communications are encrypted using IDEA or one of several other
ciphers (three-key triple-DES, DES, RC4-128, TSS, Blowfish).
Encryption keys are exchanged using RSA, and data used in the key
exchange is destroyed every hour (keys are not saved anywhere). Every
host has an RSA key which is used to authenticate the host when RSA
host authentication is used. Encryption is used to protect against
IP-spoofing; public key authentication is used to protect against DNS
and routing spoofing.

RSA keys are also used to authenticate hosts.

 

Continue to:

• prev: 2.4. What kind of attacks does ssh not protect against?
• Index
• next: 3.1. What is the latest version of ssh?

Share and Enjoy

Tags

security, SSH, Secure Shell