SSH and it’s working

SSh is a shorthand for Secured Shell, which follows a client-server architecture.

In the world of computers, where they talk to each other and share data, SSH helps to do it securely (strong encryption).

Why do we need SSH in the first place?

When we think of a secure way, we think of bad actors and their methods of exploitation. If we do not secure the data and its transmission, we can expect data theft, man-in-the-middle attacks, and so on.

Before SSH, there were other protocols such as Telnet, rlogin, and so on, but they were not secure.

Telnet, for example, sends and receives data in plain text that is not encrypted (secured). In the networking world, where several computers are linked together, data transmission may have to pass through several hops/computers before reaching its final destination. As a result, data can be stolen, intercepted, and so on. As a result, SSH is regarded as one of the most secure methods of communicating between clients and remote machines.

It works in the following ways:

As previously stated, it is a client-server protocol used for secure/encrypted communication. It communicates through standard port 22.

There are two types of cryptography: symmetric encryption (private key encryption) and asymmetric encryption (public key encryption).
To authenticate between the client and the remote server, SSH employs public key cryptography. However, the protocol employs symmetric encryption and hashing techniques to exchange messages.

Before data exchange begins, SSH performs several important steps, including:

• Server verification
• Authentication
• Accessing using SSH command

1. Server verification:

It is most likely a straightforward one in which the client initiated the SSH connection to TCP port 22. If the client is being seen for the first time, the client must manually provide the public key.

ls -l ~/ssh/
# Here, the keys must be preset and they will be like id_rsa and id_rsa.pub

To create a new one, follow the below steps:

mkdir ~/.ssh #create a directory if it is not existing

Chmod 700 ~/.ssh #change the permission

ssh-keygen #Key generation command

#Enter the file name to save the key pair
#IMPORTANT: enter the passphrase 
#On the screen you will see where the keys are stored.

2. Authentication:

Authentication is done by generating SSH key Pairs. It generates two keys to serve two different circumstances in which one is a public key and the other is the private key as mentioned above.

• Public key: used for encryption of data that can be shared with others.
• Private key: used to decrypt the data and only the owner will have it(Not for public purposes)

3. Accessing via SSH command:

Mac/Linux users: can directly access via the command line

Windows users: May have to use Putty(Download here) which is the most popular ssh client for windows.

Use the following command:

ssh <username>@<host> -p <port>

#Username: It is not the local system name but it is name of the remote server that we are trying to connect/access
#host: usually it will be either the domain name or the IP address
#Port: it is by default 22 but it can be changed as well for better security


#Example command:
ssh mylab@mylab.xyz -p 3200

#It will prompt for the username and the password

Things/Tips to remember:

• Generate a key with larger bits which is strong for security

Example: ssh-keygen -b 4096

• Changing the passphrase:

ssh-keygen -p

• Display the SSH Key fingerprint:

ssh-keygen -l

Conclusion:

The idea was to give a rough overview of SSH works and why it is necessary for the modern days. In addition, how it can be accessed along with some tips to remember the keys, especially for Mac and Linux users.