Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [ssh]

The Secure Socket Shell (SSH) protocol is an authentication protocol (described in RFC 4252) for securely getting access to a remote computer.

The Secure Socket Shell (SSH) protocol is an authentication protocol (described in RFC 4252) for securely getting access to a remote computer.

It is widely used to control servers remotely. SSH is actually a suite of three utilities — slogin, ssh, and scp — which are are secure versions of earlier UNIX utilities: rlogin, rsh, and rcp. SSH commands are encrypted and secure in several ways. Both ends of the client/server connection are authenticated using a digital certificate, and passwords are protected by being encrypted.

SSH uses RSA public key cryptography for both connection and authentication. Encryption algorithms include Blowfish, DES, and IDEA. IDEA is the default.

81 questions
3
votes
1 answer

Is SSH over TLS 1.2/1.3 overkill?

I am designing a protocol that will have security in mind as one of its key goals. Currently I have selected SSH with TLS as the underlying transport. I selected SSH because it had a variety of extensible authentication methods built-in already,…
Ethin
  • 33
  • 4
3
votes
1 answer

SSH sequence number validity?

Looking at RFC4253, I came across the notion that the MAC is applied the encoded packet concatenated with a sequence number which acts as a counter. However, I couldn't find any information on how that sequence number is validated. What happens if…
Daniel B
  • 347
  • 2
  • 11
2
votes
0 answers

Does the SSH protocol preserve integrity if an endpoint is cloned?

I am trying to find out if the SSH protocol preserves integrity of the transferred data in the following scenario: The SSH client is running on a virtual machine, at some point in the middle of the connection a snapshot is made of the virtual…
kasperd
  • 1,377
  • 1
  • 10
  • 23
1
vote
2 answers

How does the SSH server know the length of data encrypted?

In am learning the SSH RFC An encryption algorithm and a key will be negotiated during the key exchange. When encryption is in effect, the packet length, padding length, payload, and padding fields of each packet MUST be encrypted with the given…
Anon
  • 151
  • 1
  • 5
1
vote
3 answers

What purpose does an SSH private key passphrase serve?

Let's say you generate an SSH RSA key pair with ssh-keygen -t rsa -b 2048. You'll end up with a public and private key. id_rsa id_rsa.pub ssh-keygen will prompt: Enter passphrase (empty for no passphrase): My understanding is that id_rsa will get…
user103814
  • 11
  • 1
0
votes
2 answers

Security implications of storing an ssh passphrase

I'm trying to understand the security implications of encrypting an ssh key with a passphrase, and storing the passphrase in the MacOS key chain or Gnome key-ring. As I understand it, my ssh key passphrase needs to be long to prevent offline attacks…
Steve
  • 101
  • 1