Operation Manual – SSH Terminal ServiceH3C S7500 Series Ethernet Switches Chapter 1 SSH Terminal Service Configuration1-2Through the above steps, the server and the client get the same session key, which isto be used to encrypt and decrypt data exchanged between the server and the clientlater. The server and the client use session ID in the authentication stage.3) Authentication stageThe client sends to the server an authentication request, which includes the usernameand authentication method, and the server starts to authenticate the client.SSH provides two authentication methods: password authentication and RSAauthentication.For password authentication:z The client encrypts the username and password, encapsulates them into apassword authentication request, and sends the request to the server.z Upon receiving the request, the server decrypts the username and password,compares them against those it maintains, and then informs the client of theauthentication result.For RSA authentication:z The client sends to the server an RSA authentication request containing its RSApublic key modulus.z The server validates the modulus. If the modulus is invalid, the authentication fails;otherwise, the server generates a 32-byte random number, converts it to amultiple precision (MP) integer (MSB first), encrypts it using the RSA public keyfrom the client, and then sends a challenge to the client.z Upon receiving the challenge, the client decrypts it with its private key and gets anMP integer, creates an MD5 value using the MP integer and the session ID, andthen encrypts and sends the MD5 value to the server.z After receiving the encrypted MD5 value, the server decrypts it to obtain the MD5value and compares it with that locally calculated. If they match, the authenticationsucceeds.4) Session request stage. The client sends session request messages to the serverwhich processes the request messages.5) Interactive session stage. Both ends exchange data till the session ends.1.1.2 Configuring an SSH ServerThe following table describes SSH server configuration tasks.