If you spend enough time in an IT environment and with the rise of cloud infrastructure such as AWS, you will likely come across the term SSH keys. If you’ve already come across this IT term, then you might find yourself wondering, what are SSH keys? SSH (Secure Shell) keys are an access credential that is used in the SSH protocol and they are foundational to modern Infrastructure-as-a-Service platforms such as AWS, Google Cloud, and Azure.
The SSH Protocol
The first version of the SSH protocol was developed in the summer of 1995 by Tatu Ylonen. Tatu was a researcher at the University of Helsinki when a sniffing attack was discovered on the university network. A sniffing attack intercepts and logs the traffic that takes place on a network and can provide attackers with usernames and passwords which can then be used to gain access to critical IT assets. Thousands of credentials were impacted, including those belonging to community partnerships. This sniffing attack motivated Tatu to figure out how to make networks more secure, and this ultimately led to the creation of the SSH protocol (SSH.com).
What are SSH keys?
SSH keys come in many sizes, but a popular choice is an RSA 2048-bit encryption, which is comparable to a 617 digit long password. On Windows systems, it is possible to generate your own SSH key pair by downloading and using an SSH client like PuTTY. On Mac and Linux systems, it is possible to generate an SSH key pair using a terminal window. Watch the video below to find out how to generate your own RSA key pair on Mac and Linux.
SSH keys always come in pairs, and every pair is made up of a private key and a public key. Who or what possesses these keys determines the type of SSH key pair. If the private key and the public key remain with the user, this set of SSH keys is referred to as user keys. If the private and public keys are on a remote system, then this key pair is referred to as host keys. Another type of SSH key is a session key. When a large amount of data is being transmitted, session keys are used to encrypt this information.
Step by step SSH Authentication
1. TCP connection: Once the TCP connection established the client and server exchange ID string.
2. Algorithm Negotiation: list of key messages exchange, with a list of the algorithm, key, and compression algorithm exchanges in this step.
3. key Exchange: in this step, the server is authenticated to the client, and server message authentication and the key will be generated.
4. End of key Exchange: It is an indication that each side can start sending messages by encryption and compression algorithm.
If you find it interesting, you can read: