What is SSH?

SSH (Secure Shell) is a protocol mainly used to connect to a Linux server remotely. It lets you access a server or computer over an unsecured network.

How SSH Works

SSH connections use a client-server architecture. The remote machine (the server) must be running the SSH daemon, the heart of SSH. A specific network port (22) is used for connection requests, authentication, and login to shell sessions when the user provides the correct credentials.

How SSH Authenticates Users

SSH supports two primary authentication methods: passwords and SSH keys.

Password

Password logins are encrypted but not recommended. Malicious users or bots can repeatedly attempt to authenticate, potentially leading to security compromises. Passwords are considered less secure than SSH keys.

SSH Keys

SSH keys consist of a public and private cryptographic key pair. The public key can be shared freely, while the private key must be kept secure and never exposed to anyone.
Avoid using password authentication for SSH. SSH key-based authentication is significantly more secure and should be preferred in all environments.

SSH Key Authentication Flow

1. Generate an SSH key pair

The client must have an SSH key pair (public and private) on their local computer.

2. Copy the public key to the server

The local client’s public key must be copied to ~/.ssh/authorized_keys in the user’s home directory on the remote server.

3. Client initiates connection

When the client connects to the host/server, it informs the server which public key to use for authentication.

4. Server validates the public key

The server checks the public key against the ~/.ssh/authorized_keys file. If valid, it generates a random string and encrypts it using the public key.

5. Server sends the encrypted challenge

The server sends the encrypted message to the client to verify whether the client holds the associated private key.

6. Client decrypts and responds

The client uses its private key to decrypt the message and sends the decrypted information back to the server.

7. Server grants access

The server validates the decrypted information. If correct, the client is authenticated and granted access to a shell session.
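
The lookup in step 4, as an added example that is not part of the original page and not OpenSSH's own code: a small auditor that parses authorized_keys text, accepts only entries whose declared key type matches the type stored inside the base64 blob, and checks whether an offered key is listed. All function names and the sample keys are constructed for illustration, and option parsing is simplified to locating the key type and blob.

```python
import base64
import hashlib
import re

# Key type followed by a base64 blob; any options come before the type.
KEY_RE = re.compile(r"(?:^|\s)((?:ssh|ecdsa|sk)-[\w@.-]+)\s+([A-Za-z0-9+/]+=*)")

def blob_type(blob):
    """Algorithm name stored in the blob's first length-prefixed field."""
    n = int.from_bytes(blob[:4], "big")
    if n == 0 or 4 + n > len(blob):
        raise ValueError("bad length prefix")
    return blob[4:4 + n].decode("ascii")

def fingerprint(blob):
    """SHA256 fingerprint in the form `ssh-keygen -l` prints."""
    return "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")

def parse_authorized_keys(text):
    """Decoded key blobs of well-formed entries; everything else is skipped."""
    blobs = []
    for line in text.splitlines():
        if line.lstrip().startswith("#"):  # commented-out keys grant nothing
            continue
        for m in KEY_RE.finditer(line):
            try:
                blob = base64.b64decode(m.group(2), validate=True)
                if blob_type(blob) == m.group(1):  # declared type must match blob
                    blobs.append(blob)
                    break
            except ValueError:  # bad base64, bad length or non-ASCII type
                continue
    return blobs

def is_authorized(offered_blob, text):
    return offered_blob in parse_authorized_keys(text)  # the step 4 lookup

def make_ed25519_blob(raw32):
    """Constructed sample blob: string "ssh-ed25519" then string key bytes."""
    name = b"ssh-ed25519"
    return len(name).to_bytes(4, "big") + name + len(raw32).to_bytes(4, "big") + raw32

# Constructed sample data, not real keys.
ALICE, MALLORY = make_ed25519_blob(bytes(range(32))), make_ed25519_blob(bytes(32))
SAMPLE = "\n".join([
    'from="192.0.2.10",no-pty ssh-ed25519 ' + base64.b64encode(ALICE).decode() + " alice@laptop",
    "ssh-rsa " + base64.b64encode(MALLORY).decode() + " type-mismatch",
    "ssh-ed25519 not_base64!! broken",
])
```

Running fingerprint() over every blob returned by parse_authorized_keys() gives an inventory of who can log in to an account, which can be compared against the keys you expect to be there.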