Understanding SSH and It's Workflow

Apr 19, 2019

For a while, all I knew about SSH was that it helped me out connect to remote servers. I tried many times in the past to become more informed about how it actually works under the hood.

Sadly I didn't get anything much and was really struck..

But after months of unavoidable exposure to it, things happened to click, and I finally obtained something fruitful.
SSH is quite an interesting protocol in itself. A lot of people are using it for secure communication between two machines. It first appeared in the mid-'90s as a sort of replacement for the way of connecting to the remote machine over the internet. Before SSH we were using telnet, rlogin, FTP and so on to connect with remote machines.
All this stuff ( telnet, rlogin, FTP) is working perfectly fine but they transmitted all the data in the clear over the network. so if we logged into a remote machine anyone with the packet sniffer between client and the remote machine could see everything we were doing on there. for better understanding see the image below:

So, In 1995, Tatu Ylönen CEO and founder of SSH Communications Security, developed a protocol called SSH to sort of encrypt the data so that no one can see how and what was being sent over the wire(network). This short clip provides an introduction, how ssh discovered.

What is SSH?

SSH (Secure Shell) is a cryptographic network protocol (rules for transferring encoded data over the network) that allows computers to securely communicate with one another. The physical locations of the computers on both ends of an SSH connection don't matter provided that the computers are connected to the accessible network and have SSH set up properly. SSH is typically used via the command line however there are certain graphical user interfaces that allow you to use SSH in a more user-friendly manner.

How Does SSH Work?

SSH protocol uses symmetric encryption, asymmetric encryption, and hashing in order to establish a secure connection between two machines(client & Server). The SSH connection between the client and the server happens in four steps:

  1. Client contacts server to initiate a connection.
  2. The server responds by sending the client a public cryptography key.
  3. The server negotiates parameters and opens a secure channel for the client.
  4. The user, through their client, logs into the server.

So till now we probably have a basic understanding of how SSH works. The SSH protocol employs a client-server model to authenticate two parties and encrypt the data between them. now we will see how data is being sent under the hood using ssh.

So what ssh does is, it breaks the data down into a series of packets and just like any packet transfer these things have a few fields at the beginning. so at the top, we define the packet length. these are 4 bytes saying that the packet is that big.

After that, we have another byte, which tells us how much padding we have got. so till now we have got the packet length and we have got the how much padding there is and then we mention the data we want to share- the payload.

After that, we have the padding that follows that payload. these are just random bytes they don't mean anything but they sort of force the encryption harder to detect what's going on because we have got random data in these. We can also apply compression to the payload if we want to do that and then the whole packet(excluding the packet length) is encrypted.

The algorithm used for the encryption and for the message authentication code is selected by the server and the client. they establish that at the beginning. so they are established by the client and the server. so it can vary from connection to connection.
At the other end, data is decrypted by the server.

For a better understanding of this data flow, see the image given below:

Generate SSH Key

If you are setting up a new machine, first generate a key to the default `~/.ssh/id by running:

ssh-keygen -t rsa
ssh-add ~/.ssh/id_rsa
The created key is a private key you should never share with anyone. A public key ~/.ssh/id_rsa.pub will also be created.


Hope this was clear enough to make you understand the basics of SSH. There are many more details I didn’t mention. We just glanced over the ones that matter the most as a beginner.

Before you go…

Thanks for reading!

If you enjoyed this article, please hold down the clap button below 👏 to help others find it. The longer you hold it, the more claps you give!

And do not hesitate to share your thoughts in the comments below.

Hope this was helpful.

Like this article? Follow @hemantjava on Twitter

Hemant Kumar Singh

Passionate about technology, design, startups and personal development.

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.