SSH: Securing Remote Access
Walk through the SSH handshake, host key authentication, and how SSH protects remote sessions.
SSH-1 vs SSH-2: The Deprecation Story
SSH-1, the original Secure Shell protocol, contained a fundamental design flaw that allowed an active attacker to insert arbitrary data into an encrypted session without being detected. SSH-2, a complete protocol redesign published in 2006 as RFC 4251-4254, addressed these weaknesses with separate transport, authentication, and connection layer protocols, and with stronger integrity checking using HMAC. SSH-1 is deprecated and no modern server should enable it.
SSH Transport Layer: Encryption and Integrity
The SSH transport layer protocol handles the initial key exchange and establishes an encrypted, integrity-protected channel. It negotiates algorithms for key exchange (typically ECDH), host authentication (typically Ed25519 or RSA), symmetric encryption (typically AES-256-CTR or ChaCha20-Poly1305), and MAC (typically HMAC-SHA2-256). Every subsequent packet is both encrypted and integrity-checked using the negotiated algorithms.
All lessons in this course
- What Makes a Secure Protocol
- SSH: Securing Remote Access
- SFTP and SCP: Secure File Transfer
- DNSSEC: Authenticating DNS Responses