306
client uses the protocol version of the server. Otherwise, the client uses its own protocol version. In
either case, the client sends a packet to the server to notify the server of the protocol version that it
decides to use.
5.
The server compares the version number carried in the packet with that of its own. If the server
supports the version, the negotiation succeeds, and the server and the client proceed with key and
algorithm negotiation. Otherwise, the negotiation fails, and the server breaks the TCP connection.
NOTE:
All packets involved in the preceding steps are transferred in plain text.
Key and algorithm negotiation
1.
The server and the client send algorithm negotiation packets to each other, notifying the peer of the
supported public key algorithms, encryption algorithms, MAC algorithms, and compression
algorithms.
2.
Based on the received algorithm negotiation packets, the server and the client figure out the
algorithms to be used. If the negotiation of any type of algorithm fails, the algorithm negotiation
fails, and the server tears down the connection with the client.
3.
The server and the client use the DH key exchange algorithm and parameters such as the host key
pair to generate the session key and session ID, and the client authenticates the identity of the
server.
Through this process, the server and the client get the same session key and session ID. The session key
is used to encrypt and decrypt data exchanged later between the server and client. The session ID is
used to identify the session established between the server and client and is used in the authentication
stage.
CAUTION:
Before the key and algorithm negotiation, the server must have already generated a DSA or RSA key
pair, which is not only used for generating the session key and session ID but is also used by the client
to authenticate the identity of the server. For more information, see "
."
Authentication
SSH supports the following authentication methods:
•
Password authentication
—The SSH server uses AAA for authentication of the client. During
password authentication, the SSH client encrypts its username and password, encapsulates them
into a password authentication request, and sends the request to the server. After receiving the
request, the SSH server decrypts the username and password, checks the validity of the username
and password locally or by a remote AAA server, and then informs the client of the authentication
result. If the remote AAA server requires the user for a password re-authentication, it carries a
prompt in the authentication response to send to the router. The prompt is transparently transmitted
to the client and displayed on the client to notify the user to enter a specified password. After the
user enters the correct password and passes validity check by the remote AAA server, the router
returns an authentication success message to the client.
•
Publickey authentication
—The server authenticates the client by the digital signature. During
publickey authentication, the client sends the
server a publickey authentication request that contains
its username, public key, and publickey algorithm information. The server checks whether the public
key is valid. If the public key is invalid, the authentication fails. Otherwise, the server authenticates
the client by the digital signature. Finally, the server sends a message to the client to inform the