Authentication to a Remote Server using SSH keys
18 September, 2018
Hey All! I hope your week is going well so far!!

🔸 Today’s topic is: Authentication to a remote server using SSH keys

🔸 When trying to log on to a remote server, the simplest way to authenticate a user is by using a password, but this is not generally recommended because of the limitations on the complexity of a password. Automated scripts can break passwords quite easily. The most popular and recommended alternative is the use of SSH key pairs.

🔸 RSA is an algorithm that uses asymmetric encryption and generates SSH key pairs. In this algorithm, the user generates a public and a private key on their side. The user stores the private key and shares the public key with the remote server. When the remote server sends the user information, it uses the public key to encrypt the message, and the client then uses their private key to decrypt it.

🔸 Here is how RSA works:

1️⃣ When the user wants to authenticate with the remote server, it sends the ID of the public key it gave to the server to see if the public key is stored on the server.
2️⃣ If the remote server finds that public key, the server generates a random number and uses the public key to encrypt it.
3️⃣ This encrypted message is sent back to the user. The user decrypts the message and gets the random number.
4️⃣ The user combines this random number with the shared session key (the one generated by the Diffie-Hellman algorithm we talked about in the previous post about asymmetric encryption) and calculates a hash value.
5️⃣ The user then sends this hash back to the server.
6️⃣ The server uses the same shared session key and the random number it sent to the user to calculate the hash on its own. It then compares its own calculation to the one that the user sent. If they match, it proves that the user is in possession of the private key and is now authenticated.

🔸 Now, the user is connected to the remote server!
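
The six steps above as a runnable sketch, added here as an illustration and not code from the original post or from any SSH implementation. It uses textbook RSA on constructed demo keys with no padding, so it is not secure, and every name in it (`Server`, `key_id`, `response_hash`, `authenticate`, the sample keys and session key) is hypothetical.

```python
import hashlib, hmac, secrets

E = 65537  # public exponent

def make_keypair(p, q):
    # Textbook RSA from fixed primes: constructed demo keys, no padding, NOT secure.
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def key_id(pub):
    # Step 1: short identifier the client sends to name its public key.
    return hashlib.sha256(f"{pub[0]}:{pub[1]}".encode()).hexdigest()[:16]

def response_hash(number, session_key):
    # Steps 4 and 6: hash of the random number combined with the session key.
    return hashlib.sha256(number.to_bytes(32, "big") + session_key).hexdigest()

class Server:
    def __init__(self, authorized_pubs, session_key):
        self.authorized = {key_id(pub): pub for pub in authorized_pubs}
        self.session_key = session_key
        self.pending = {}  # key ID -> random number awaiting a response

    def challenge(self, kid):
        pub = self.authorized.get(kid)
        if pub is None:
            return None  # unknown key ID: stop before any challenge is issued
        number = secrets.randbits(128)        # step 2: random number
        self.pending[kid] = number
        return pow(number, pub[1], pub[0])    # steps 2-3: encrypt and send back

    def verify(self, kid, digest):
        number = self.pending.pop(kid, None)  # single use, so a replay fails
        if number is None:
            return False
        expected = response_hash(number, self.session_key)
        return hmac.compare_digest(expected, digest)  # step 6, constant-time compare

def client_response(priv, ciphertext, session_key):
    n, d = priv
    return response_hash(pow(ciphertext, d, n), session_key)  # steps 3-5

def authenticate(server, claimed_pub, priv, session_key):
    kid = key_id(claimed_pub)
    ciphertext = server.challenge(kid)
    if ciphertext is None:
        return False
    return server.verify(kid, client_response(priv, ciphertext, session_key))

# Constructed sample values (Mersenne primes chosen only so the demo is reproducible).
USER_PUB, USER_PRIV = make_keypair(2**127 - 1, 2**89 - 1)
OTHER_PUB, OTHER_PRIV = make_keypair(2**107 - 1, 2**61 - 1)
SESSION_KEY = b"constructed-session-key"
```

Because the session key is part of the hash, a response captured in one session does not verify in another, and a client that names the right key ID but holds a different private key recovers the wrong number and fails the comparison.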