For the communication between SSH server and SSH client, OpenSSH supports ver-sions 1 and 2 of the SSH protocol. Version 2 of the SSH protocol is used by default.Override this to use version 1 of the protocol with the -1 switch. To continue usingversion 1 after a system update, follow the instructions in /usr/share/doc/packages/openssh/README.SuSE. This document also describes how an SSH 1environment can be transformed into a working SSH 2 environment with just a fewsteps.When using version 1 of SSH, the server sends its public host key and a server key,which is regenerated by the SSH daemon every hour. Both allow the SSH client to en-crypt a freely chosen session key, which is sent to the SSH server. The SSH client alsotells the server which encryption method (cipher) to use.Version 2 of the SSH protocol does not require a server key. Both sides use an algorithmaccording to Diffie-Helman to exchange their keys.The private host and server keys are absolutely required to decrypt the session key andcannot be derived from the public parts. Only the SSH daemon contacted can decryptthe session key using its private keys. This initial connection phase can be watchedclosely by turning on the verbose debugging option -v of the SSH client.The client stores all public host keys in ~/.ssh/known_hosts after its first contactwith a remote host. This prevents any man-in-the-middle attacks—attempts by foreignSSH servers to use spoofed names and IP addresses. Such attacks are detected eitherby a host key that is not included in ~/.ssh/known_hosts or by the server's inabil-ity to decrypt the session key in the absence of an appropriate private counterpart.It is recommended to back up the private and public keys stored in /etc/ssh/ in asecure, external location. In this way, key modifications can be detected and the oldones can be used again after a reinstallation. This spares users any unsettling warnings.If it is verified that, despite the warning, it is indeed the correct SSH server, the existingentry for the system must be removed from ~/.ssh/known_hosts.14.6 SSH Authentication MechanismsNow the actual authentication takes place, which, in its simplest form, consists of enter-ing a password as mentioned above. The goal of SSH was to introduce a secure softwarethat is also easy to use. Because it is meant to replace rsh and rlogin, SSH must also be164 Security Guide