How ssh works internally | What are ssh keys

SSH stands for Secure Shell. It is a cryptographic network protocol used for secure communication over an unsecured network. SSH provides a secure channel for accessing a remote computer or server securely, allowing users to securely log in and execute commands remotely.

Password Authentication is the most basic authentication method in SSH. With password authentication, users are prompted to enter their username and password when connecting to a remote server. The server then verifies the provided credentials against its user database.

What are SSH Keys? How does it work?

SSH (Secure Shell) uses cryptographic keys to authenticate a user to a remote server or host. The SSH key pair consists of a public key and a private key.

Here's how it works:

1. Key Generation: To start, a user generates an SSH key pair using cryptographic algorithms. The key pair is typically generated using tools like OpenSSH, PuTTY, or ssh-keygen command-line tool. The key pair consists of a public key and a private key.
2. Public Key: The public key is shared with the server or host that the user wants to access securely. It is usually appended to a file called authorized_keys on the server. The public key can be freely distributed and is used to verify signatures created by the corresponding private key.
3. Private Key: The private key is kept securely by the user. It should never be shared with anyone else. The private key is used to decrypt messages or create digital signatures. It's crucial to keep the private key secure because anyone who has access to it can potentially access the server or host associated with the public key.

Authentication Process:

Let's break down the Authentication Process into simpler words:

1. Client Requests Authentication: The client (the computer trying to connect to the server) starts the authentication process by telling the server which SSH key it wants to use to log in.
2. Server Checks for Key: The server looks at its list of authorized SSH keys to see if the client's requested key is on the list.
3. Server Sends Encrypted Message: If the server finds a matching key, it generates a random number and encrypts it using the public key associated with the SSH key pair.
4. Client Decrypts Message: The client receives the encrypted message from the server and uses its private key (which corresponds to the public key used by the server) to decrypt it, revealing the original random number.
5. Client Sends Hash Back: The client combines the decrypted number with a shared secret key (used for encrypting the ongoing communication) and calculates a special code (a hash) based on this combination using the MD5 algorithm.
6. Server Verifies Hash: The server also uses the shared secret key and the original number to calculate the same special code (MD5 hash). It compares its calculated hash with the one sent by the client.
7. Authentication Success: If the two calculated hashes match, it means the client has the correct private key corresponding to the public key stored on the server. The client is then authenticated, and the server allows the connection.

In simple terms, SSH key authentication works by the client proving it has the correct private key for a specific public key stored on the server. This process ensures secure and authenticated communication between the client and the server.

SSH keys provide a high level of security compared to password-based authentication. They use strong cryptographic algorithms and are resistant to brute-force attacks. Additionally, since the private key remains with the user, it eliminates the need to transmit passwords over the network, reducing the risk of password interception.