Red Hat ENTERPRISE LINUX 3 Reference Manual

Also see for ENTERPRISE LINUX 3 - SECURITY GUIDE: Tuning guide Installation guide Installation guide Installation guide Manual

Contents

Chapter 19. SSH Protocol 27719.3.1. Transport LayerThe primary role of the transport layer is to facilitate safe and secure communication between the twohosts at the time of authentication and during subsequent communication. The transport layer accom-plishes this by handling the encryption and decryption of data, and by providing integrity protectionof data packets as they are sent and received. The transport layer also provides compression, speedingthe transfer of information.Once an SSH client contacts a server, key information is exchanged so that the two systems cancorrectly construct the transport layer. The following steps occur during this exchange:• Keys are exchanged• The public key encryption algorithm is determined• The symmetric encryption algorithm is determined• The message authentication algorithm is determined• The hash algorithm is determinedDuring the key exchange, the server identifies itself to the client with a unique host key. If the client hasnever communicated with this particular server before, the server’s host key will be unknown to theclient and it will not connect. OpenSSH gets around this problem by accepting the server’s host keyafter the user is notified and verifies the acceptance of the new host key. In subsequent connections,the server’s host key is checked against the saved version on the client, providing confidence thatthe client is indeed communicating with the intended server. If, in the future, the host key no longermatches, the user must remove the client’s saved version before a connection can occur.CautionIt is possible for an attacker to masquerade as an SSH server during the initial contact since thelocal system does not know the difference between the intended server and a false one set up byan attacker. To help prevent this, verify the integrity of a new SSH server by contacting the serveradministrator before connecting for the first time or in the event of a host key mismatch.SSH is designed to work with almost any kind of public key algorithm or encoding format. Afteran initial key exchange creates a hash value used for exchanges and a shared secret value, the twosystems immediately begin calculating new keys and algorithms to protect authentication and futuredata sent over the connection.After a certain amount of data has been transmitted using a given key and algorithm (the exact amountdepends on the SSH implementation), another key exchange occurs, generating another set of hashvalues and a new shared secret value. Even if an attacker is able to determine the hash and sharedsecret value, this information is only useful for a limited period of time.19.3.2. AuthenticationOnce the transport layer has constructed a secure tunnel to pass information between the two systems,the server tells the client the different authentication methods supported, such as using a private key-encoded signature or typing a password. The client then tries to authenticate itself to the server usingone of these supported methods.SSH servers and clients can be configured to allow different types of authentication, which gives eachside the optimal amount of control. The server can decide which encryption methods it supports basedon its security model, and the client can choose the order of authentication methods to attempt fromthe available options. Thanks to the secure nature of the SSH transport layer, even seemingly insecureauthentication methods, such as a host and password-based authentication, are safe to use.