SSH

Table of Contents

Topics
- How SSH works
- Fingerprints
How-to
- Get the public key from a private key

Topics

How SSH works

Establishes a session key with Diffie-Hellman algorithm

Used to encrypt the entire session

https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange

Authenticates the User's Access

This process is mostly by RSA algorithm
- (m^e)^d≡ m (mod n)
- (m^d)^e≡ m (mod n)
- Public key consists of (e, n)
- Private key consists of (d, n)
- Finding d from e and n is hard
- e stands for public exponent, and OpenSSL sets it as 65537 (0x10001) by default

https://en.wikipedia.org/wiki/RSA_(cryptosystem)

Fingerprints

If the fingerprint changes:

The machine has changed their public key (because public exponent can vary, there can be multiple valid public keys).
It could also indicate that you are connecting to a different machine at the same domain/IP
It could also indicate that you are being targeted with a man-in-the-middle attack

https://superuser.com/questions/421997/what-is-a-ssh-key-fingerprint-and-how-is-it-generated

How-to

Get the public key from a private key

ssh-keygen -f ~/.ssh/id_rsa -y > ~/.ssh/id_rsa.pub

https://serverfault.com/questions/52285/create-a-public-ssh-key-from-the-private-key