Operation Manual – SSHH3C S3610&S5510 Series Ethernet Switches Chapter 1 SSH Configuration1-3protocol version number, while the software version number is used fordebugging.z The client receives and resolves the packet. If the protocol version of the server islower but supportable, the client uses the protocol version of the server; otherwise,the client uses its own protocol version.z The client sends to the server a packet that contains the number of the protocolversion it decides to use. The server compares the version carried in the packetwith that of its own to determine whether it can cooperate with the client.z If the negotiation is successful, the server and the client proceed with key andalgorithm negotiation; otherwise, the server breaks the TCP connection.Note:All the packets involved in the above steps are transferred in plain text.II. Key and algorithm negotiationz The server and the client send key algorithm negotiation packets to each other,which include the supported public key algorithm list, encryption algorithm list,MAC algorithm list, and compression algorithm list.z Based on the received algorithm negotiation packets, the server and the clientfigure out the algorithms to be used.z The server and the client use the DH key exchange algorithm and parameterssuch as the host key pair to generate the session key and session ID.Through the above steps, the server and the client get the same session key, which isto be used to encrypt and decrypt data exchanged between the server and the clientlater. The server and the client use session ID in the authentication stage.Caution:Before the negotiation, the RSA key pair must have been generated on the server. Itwill be used for generating the session key.III. Authenticationz The client sends to the server an authentication request, which includes theusername, authentication method and information related to the authenticationmethod (the password in the case of password authentication).
