SSH stands for Secure Shell and is mostly used on UDP port 22. SSH is a protocol used to remotely access network devices such as routers, switches, APs and many more. These SSH sessions are mostly for management and provide a convenient way to manage and verify configuration states without having to be physically next to a network device. Before SSH, there was Telnet, which used TCP port 23, but Telnet is not secure as it provides no type of encryption. SSH is superior in that it allows you to do the same thing Telnet does but with a layer of security. Let's dive into how SSH provides that security.
Diffie-Hellman- The first way SSH sessions are made secure is that a key exchange algorithm is used between an SSH server and a client to establish a shared secret key. The algorithm used in SSH to create this key is called “Diffie-Hellman.” During this phase the client picks a secret and the server picks a secret (a random numeric value). Once both sides have generated their secrets, each derives a public value from its secret and shares it with the other side. Each side then feeds the public value it received, along with its own private secret, into the Diffie-Hellman algorithm to generate a shared secret key. This key will be used to create the symmetric encryption key and the keys for HMAC authentication.
Server Authentication- Another way that SSH provides security is through server authentication. This is when the server proves to the client that it is the legitimate server. The process starts when both the client and the server generate a hash. Each side generates the hash locally; they do not exchange it. The server then signs its locally generated hash with a private key and sends this signature to the client. The client takes this signature and decrypts it with the server’s public key. Now that the hash has been recovered, the client compares it against its own locally generated hash. If they match, the server is legitimate; if they don’t match, the server is not legitimate.
AES- Going back to the shared secret key that was generated via the Diffie-Hellman algorithm: once a shared secret key is generated, it can be used to generate a symmetric key via AES (Advanced Encryption Standard). The symmetric key generated by AES will encrypt the whole session data.
HMAC- Last but not least, SSH protects communication using an algorithm called HMAC (Hash-based Message Authentication Code). This algorithm is used by SSH to provide data integrity and to detect any tampering that happens during communication.
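The Diffie-Hellman and HMAC steps described above, as an added example that is not part of the original post: both sides derive the same secret from exchanged public values, split it into per-purpose keys, and use the HMAC key to reject a modified message. The group (`P`, `G`), the labels and the key derivation are simplified assumptions for illustration; real SSH uses standardized groups and a derivation that also mixes in an exchange hash and session id.

```python
import hashlib
import hmac
import secrets

# Toy group (assumption, illustration only): 2**255 - 19 is prime, but SSH
# itself negotiates standardized MODP groups or elliptic curves.
P = 2**255 - 19
G = 2

def dh_keypair():
    """Pick a random private secret and derive the public value G^x mod P."""
    private = secrets.randbelow(P - 3) + 2      # 2 <= private <= P - 2
    return private, pow(G, private, P)

def dh_shared(own_private, peer_public):
    """Combine the peer's public value with our own private secret."""
    if not 1 < peer_public < P - 1:             # reject degenerate values
        raise ValueError("invalid peer public value")
    return pow(peer_public, own_private, P)

def derive_key(shared, label):
    """Simplified derivation: hash the shared secret with a purpose label."""
    return hashlib.sha256(shared.to_bytes(32, "big") + label).digest()

def tag(mac_key, seq, payload):
    """HMAC over a packet sequence number plus the payload."""
    data = seq.to_bytes(4, "big") + payload
    return hmac.new(mac_key, data, hashlib.sha256).digest()

def verify(mac_key, seq, payload, received_tag):
    """Constant-time comparison of the recomputed tag with the received one."""
    return hmac.compare_digest(tag(mac_key, seq, payload), received_tag)

def demo():
    c_priv, c_pub = dh_keypair()                # client side
    s_priv, s_pub = dh_keypair()                # server side
    # Only c_pub and s_pub cross the network; the private values never do.
    c_secret = dh_shared(c_priv, s_pub)
    s_secret = dh_shared(s_priv, c_pub)
    c_mac = derive_key(c_secret, b"integrity")
    s_mac = derive_key(s_secret, b"integrity")
    enc_key = derive_key(c_secret, b"encryption")
    msg = b"show running-config"                # constructed sample payload
    t = tag(c_mac, 0, msg)
    return {"same_secret": c_secret == s_secret,
            "keys_differ": enc_key != c_mac,
            "accepted": verify(s_mac, 0, msg, t),
            "tampered_rejected": not verify(s_mac, 0, b"reload", t)}

if __name__ == "__main__":
    print(demo())
```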
As you can see, SSH is a much more stacked protocol than Telnet, as it offers robust encryption providing not only confidentiality but also integrity for your remote administrative sessions.