Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [ssh]

The Secure Socket Shell (SSH) protocol is an authentication protocol (described in RFC 4252) for securely getting access to a remote computer.

The Secure Socket Shell (SSH) protocol is an authentication protocol (described in RFC 4252) for securely getting access to a remote computer.

It is widely used to control servers remotely. SSH is actually a suite of three utilities — slogin, ssh, and scp — which are are secure versions of earlier UNIX utilities: rlogin, rsh, and rcp. SSH commands are encrypted and secure in several ways. Both ends of the client/server connection are authenticated using a digital certificate, and passwords are protected by being encrypted.

SSH uses RSA public key cryptography for both connection and authentication. Encryption algorithms include Blowfish, DES, and IDEA. IDEA is the default.

85 questions
147
votes
1 answer

Why does my SSH private key still work after changing some bytes in the file?

I (for a test) just randomly altered a private RSA key by opening it up in Vim and changing a few bytes. It is the private part of an SSH key pair used for logging in on a remote system. Puzzlingly, it still allows me to login. I did some research…
PhilPotter1987
  • 1,093
  • 2
  • 8
  • 6
98
votes
2 answers

Why doesn't SSH use TLS?

Most cryptographically protected protocols use TLS these days. This applies to mail protocols, HTTP and many others. The newly designed QUIC has also adopted TLS as its cryptography layer. However, SSH is different: it has its own cryptography…
juhist
  • 1,643
  • 1
  • 13
  • 18
49
votes
1 answer

Why do all SSH-RSA Keys begin with "AAAAB3NzaC1yc"?

My friend and I have been generating a few SSH2 RSA keys and noticed all the public keys begin with AAAAB3NzaC1yc, with the similarity extending to AAAAB3NzaC1yc2EAAAABIwAAAQEA between two keys generated on the same machine in two successive…
Lord Loh.
  • 705
  • 1
  • 8
  • 12
44
votes
1 answer

Can I remove newlines in a public key?

Can I remove new lines from the RSA public key file to get a one line string? So the question is if the key looks like this AAA BBB CCC or AAA\n\rBBB\n\rCCC\n\r is this the same as AAABBBCCC
xpepermint
  • 543
  • 1
  • 4
  • 5
34
votes
3 answers

How many KDF rounds for an SSH key?

What is the best practice on choosing how many key derivation function (KDF) rounds/iterations when generating an SSH key pair with ssh-keygen? Am I correct in saying that it is unnecessary if the passphrase is strong enough? Is there some kind of…
Peter Tseng
  • 443
  • 1
  • 4
  • 6
19
votes
3 answers

AES256-CBC vs AES256-CTR in SSH

I used AES256-CBC to SSH to a remote server. Recently, it stopped working with the following message: no matching cipher found: client aes256-cbc server aes128-ctr,aes256-ctr,arcfour256,arcfour,3des-cbc When I used AES256-CTR as a cipher to SSH…
Rlearner
  • 293
  • 1
  • 2
  • 4
15
votes
2 answers

ed25519 ssh public key is always 80 characters long?

I am creating some ssh keys using ed25519, something like: $ ssh-keygen -t ed25519 $ ssh-keygen -o -a 10 -t ed25519 $ ssh-keygen -o -a 100 -t ed25519 $ ssh-keygen -o -a 1000 -t ed25519 But I notice that the output of the public key is always the…
nbari
  • 265
  • 1
  • 2
  • 8
14
votes
2 answers

Why OpenSSH prefers ECDSA nistp256 keys over -384 and -521, and those over Ed25519, for host key verification?

According to ssh_config(5), HostKeyAlgorithms “specifies the host key algorithms that the client wants to use in order of preference ... The default for this…
squirrel
  • 351
  • 1
  • 2
  • 9
13
votes
2 answers

Why does SSH authentication protocol send a challenge message instead of using digital signature to verify client

Why does SSH authentication protocol choose to have the server with the public key send a challenge message encrypted with this public key of the client instead of having the client send a message signed with it's private key along with client ID…
user855
  • 381
  • 1
  • 4
  • 7
11
votes
1 answer

Why can ssh-keygen export a public key in PEM PKCS8 format?

In the documentation of ssh-keygen (man ssh-keygen) it says for the option -m that an export to the format “PKCS8” (PEM PKCS8 public key) is possible. That works, and I can read the files using openssl. But the thing that really confuses me: isn't…
Edward
  • 211
  • 1
  • 2
  • 5
9
votes
1 answer

How does TLS differ from SSH from a strictly cryptographic perspective?

How does TLS differ from SSH from a strictly cryptographic perspective? I know that there are many non-cryptographic differences between them, but I would like to know the cryptographic ones.
Demi
  • 4,853
  • 1
  • 22
  • 40
8
votes
1 answer

GPG vs PGP vs OpenSSH and management of them

What is the main difference of the three? Can I use only one of them for everything (e.g. GPG for SSH authentication) If I encrypt my private key with a pass-phrase, is it strong enough so that if someone steals my laptop or private key, I'm…
dzervas
  • 183
  • 1
  • 1
  • 5
8
votes
1 answer

Can a server's ECDSA fingerprint be spoofed during SSH?

I have read somewhere that Servers which have SSH access for users in the public can have their public key posted publicly (e.g., on a website), so that people who access such a server using SSH can use this key to verify the server's…
Minaj
  • 1,110
  • 2
  • 13
  • 28
8
votes
3 answers

Why does Openssh use only SHA1 for signing and verifying of digital signatures?

I am learning SSH protocol. With my current understanding of SSH protocol, I think that message digest algorithms for using in digital signature should be derived from Key Exchange. But Openssh implementation uses only SHA1 for signing and verifying…
Rakesh Gupta
  • 113
  • 1
  • 5
7
votes
1 answer

How hard is it to generate a partial RSA fingerprint collision?

When I use SSH to log into a new system, I get asked to verify that the fingerprint (a 32 hex digits string) of the hosts's RSA key is correct. How much if it must I actually compare (by hand/eye) to make it unfeasible for someone to…
BCS
  • 363
  • 1
  • 9
1
2 3 4 5 6