networking - Confusion regarding SSH Security after Authentication -

-

i have been reading ssh , how uses public key crytography authenticate client. have understood concepts have doubt:

quoting archlinux wiki page:

"when ssh server has public key on file , sees requesting connection, uses public key construct , send challenge. challenge coded message , must met appropriate response before server grant access. makes coded message particularly secure can understood private key. while public key can used encrypt message, cannot used decrypt same message. you, holder of private key, able correctly understand challenge , produce correct response."

after authentication happens , server gives me access, how further messages encrypted? of commands run on server, how ensure response of of commands indeed valid/genuine?

short version: during key exchange phase symmetric cipher chosen , new symmetric key generated. communications after point encrypted and, due properties of (good) key exchange protocol, session key known particular client , server, meaning nobody else can read or modify traffic.

from high level point of view same scheme used in ssl/tls , other similar protocols: 2 parties start asymmetric crypto (slow), use key exchange protocol generate new symmetric key (sometimes called session key) , actual communications encrypted using symmetric crypto (fast).

rfc 4253 , related rfc's contain detailed explanation of ssh protocol.


Comments

Post a Comment

Popular posts from this blog

java - Intellij Synchronizing output directories .. -

-
i trying build project, run in debug mode , keep getting "synchronizing output directories" in intellij. takes around 5-10 minutes actual build. project empty , stored on local drive. tried invalidate catche has not worked. out of ideas .. had similar issues? most likely, of data on network drive or in profile being synchronized network drive. if on windows, try moving .ideaxxx/system directory , work directory somewhere else on c: drive.
Read more

git - Initial Commit: "fatal: could not create leading directories of ..." -

-
i trying make initial commit git repository on github unity project. followed along this guide am. note: reason or another, couldn't set unity's asset serialization mode force text, settled on mixed (which believe should work). when call git clone --bare . , error. note not creator of repository , contributor (though making initial commit). here's in terminal (i'm using git bash): welcome git (version 1.8.4-preview20130916) run 'git git' display index. run 'git <command>' display specific commands. cheddar@cheddar-pc ~ $ cd documents/ics168swarch/ cheddar@cheddar-pc ~/documents/ics168swarch $ git init initialized empty git repository in c:/users/cheddar/documents/ics168swarch/.git / cheddar@cheddar-pc ~/documents/ics168swarch (master) $ git add . warning: lf replaced crlf in assets/prefabs.meta. file have original line endings in working directory. warning: lf replaced crlf in assets/prefabs/pellet.prefab.meta. file have original
Read more