Today, I learned how SSH security works.
SSH starts with a TCP connection from the client to the server (port 22 by default). The two sides then swap version strings and a KEXINIT message in which each lists the key exchange methods, host key types, ciphers, MACs and compression algorithms it supports; for each category the first entry in the client's list that the server also supports is the one used. Everything after the key exchange is encrypted, since the whole point is that someone on the network between the two parties cannot read the messages.
SSH uses symmetric key encryption to encrypt and decrypt messages. To do that, the client and the server need to end up with the same symmetric keys without ever sending them over the wire. SSH uses the Diffie-Hellman key exchange (either a finite-field group or, more commonly today, curve25519/ECDH) so that both sides arrive at the same shared secret over an insecure channel; the actual session keys are then derived from that secret together with a hash of the exchange. Diffie-Hellman on its own would not stop a man-in-the-middle who simply runs the exchange separately with each side, so the server also signs the exchange hash with its host key, and the client checks that host key against the one it has stored (that is what the known_hosts prompt and the "host identification has changed" warning are about). It's a fascinating algorithm that I have no idea how someone would come up with! I recommend reading about it.
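To make the "shared secret, then derived keys" step concrete, here is a worked example I added for this post (it is not OpenSSH's code or anything from the original write-up). It runs a Diffie-Hellman exchange in a deliberately tiny toy group (the prime 2^127-1 with generator 3, which is not an SSH group and only illustrates the arithmetic; real SSH uses the 2048-bit and larger groups from RFC 3526 or curve25519), and then derives the six session keys exactly the way RFC 4253 section 7.2 describes: HASH(K || H || letter || session_id) with letters 'A' through 'F'. The exchange hash H is simplified to cover only e, f and K (the real one also covers the version strings, the KEXINIT payloads and the server host key); that simplification and the group parameters are my assumptions.

```python
import hashlib
import secrets

# Toy DH group for illustration only (assumption): the 127-bit Mersenne prime
# 2^127 - 1 with generator 3. NOT an SSH group; real SSH uses RFC 3526
# group14 or larger, or curve25519-sha256.
P = (1 << 127) - 1
G = 3


def mpint(n: int) -> bytes:
    """SSH 'mpint' encoding (RFC 4251 section 5): big-endian two's complement with
    a 4-byte length prefix and a leading zero byte when the top bit is set."""
    if n == 0:
        body = b""
    else:
        body = n.to_bytes((n.bit_length() + 7) // 8, "big")
        if body[0] & 0x80:
            body = b"\x00" + body
    return len(body).to_bytes(4, "big") + body


def dh_keypair():
    """Pick a random private exponent x and compute the public value g^x mod p."""
    x = secrets.randbelow(P - 2) + 1          # 1 <= x <= p-2
    return x, pow(G, x, P)


def dh_shared_secret(own_private: int, peer_public: int) -> int:
    """K = peer^x mod p. Both sides compute the same K, and K never crosses the wire."""
    if not 1 < peer_public < P - 1:           # reject 0, 1 and p-1 (trivial subgroups)
        raise ValueError("bad peer public value")
    return pow(peer_public, own_private, P)


def derive_keys(K: int, H: bytes, session_id: bytes, length: int = 32) -> dict:
    """RFC 4253 section 7.2: key = HASH(K || H || X || session_id), extended with
    HASH(K || H || output_so_far) if more bytes are needed. The six letters give
    six independent keys; none of them is the DH secret itself."""
    names = {"A": "iv_c2s", "B": "iv_s2c", "C": "enc_c2s",
             "D": "enc_s2c", "E": "mac_c2s", "F": "mac_s2c"}
    keys = {}
    for letter, name in names.items():
        out = hashlib.sha256(mpint(K) + H + letter.encode() + session_id).digest()
        while len(out) < length:
            out += hashlib.sha256(mpint(K) + H + out).digest()
        keys[name] = out[:length]
    return keys


def run_exchange():
    """One simplified SSH-style key exchange between a client and a server.
    Returns the shared secret, the exchange hash and the derived keys."""
    client_priv, e = dh_keypair()             # client sends e = g^x
    server_priv, f = dh_keypair()             # server replies with f = g^y
    K_client = dh_shared_secret(client_priv, f)
    K_server = dh_shared_secret(server_priv, e)
    assert K_client == K_server
    # Simplified exchange hash (assumption): real SSH also hashes the version
    # strings, both KEXINIT payloads and the server host key, which the server
    # then signs so the client can authenticate it.
    H = hashlib.sha256(mpint(e) + mpint(f) + mpint(K_client)).digest()
    session_id = H                            # H of the first exchange is the session id
    return K_client, H, derive_keys(K_client, H, session_id)


if __name__ == "__main__":
    K, H, keys = run_exchange()
    for name, key in keys.items():
        print(f"{name}: {key.hex()}")
```

Note how the encryption keys (C, D) and the integrity keys (E, F) are separate values, and each direction of the connection gets its own pair; the shared secret K is only ever hashed, never used directly as a key.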
Once the session keys are derived, the client and server send encrypted messages using them. Encryption gives the connection confidentiality, but what about integrity and authenticity? Encryption alone does not stop an attacker from flipping bits in a ciphertext, and it seems that an attacker who captured an earlier encrypted packet could run a replay attack by sending it again, without ever needing to decrypt it.
The SSH protocol handles message integrity with a MAC computed under a separate integrity key (derived from the same exchange, but distinct from the encryption key, and different for each direction). The MAC is computed over the 32-bit packet sequence number concatenated with the unencrypted packet. The sequence number itself is never transmitted: each side simply counts the packets it has sent and the packets it has received. If an attacker replays a captured packet, the receiver computes the MAC with the sequence number it expects next, which no longer matches the one the sender used, so the MAC check fails and the packet is rejected (OpenSSH drops the whole connection with "Corrupted MAC on input" rather than carrying on). The newer AEAD ciphers, such as chacha20-poly1305 and AES-GCM, bind the packet counter into their authentication tag instead of using a separate MAC, with the same effect.
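Here is the MAC and sequence-number mechanism as a runnable example I wrote for this post; it is not code from OpenSSH or from the original text. It builds RFC 4253 binary packets (length, padding length, payload, random padding to the cipher block size), computes HMAC-SHA256 over sequence_number || unencrypted_packet, and shows a receiver that keeps its own counter rejecting a replayed packet while still accepting the next genuine one. The integrity key, the 16-byte block size and the channel-data payloads are constructed for the demo; encryption is left out because it does not affect how the MAC is checked.

```python
import hashlib
import hmac
import os
import struct

BLOCK = 16                                   # cipher block size to pad to (AES); assumption
MAC_KEY = bytes(range(32))                   # constructed integrity key for the demo only

# Constructed SSH_MSG_CHANNEL_DATA payloads (RFC 4254): byte 94, uint32 channel, string data.
PAYLOAD_1 = struct.pack(">BII", 94, 0, 3) + b"ls\n"
PAYLOAD_2 = struct.pack(">BII", 94, 0, 6) + b"id -u\n"
PAYLOAD_3 = struct.pack(">BII", 94, 0, 5) + b"exit\n"


def build_packet(payload: bytes) -> bytes:
    """RFC 4253 section 6 packet before encryption:
    uint32 packet_length | byte padding_length | payload | random padding.
    Padding is at least 4 bytes and brings the total to a multiple of BLOCK."""
    pad_len = BLOCK - ((4 + 1 + len(payload)) % BLOCK)
    if pad_len < 4:
        pad_len += BLOCK
    padding = os.urandom(pad_len)
    return struct.pack(">IB", 1 + len(payload) + pad_len, pad_len) + payload + padding


def compute_mac(mac_key: bytes, seq: int, packet: bytes) -> bytes:
    """mac = MAC(key, sequence_number || unencrypted_packet). The sequence number is
    an implicit 32-bit counter, never sent on the wire (RFC 4253 section 6.4)."""
    return hmac.new(mac_key, struct.pack(">I", seq & 0xFFFFFFFF) + packet,
                    hashlib.sha256).digest()


class Endpoint:
    """One party's view of one direction of the connection. Real SSH uses key E for
    client->server and key F for server->client; here both sides share one demo key."""

    def __init__(self, mac_key: bytes):
        self.mac_key = mac_key
        self.send_seq = 0
        self.recv_seq = 0

    def send(self, payload: bytes):
        packet = build_packet(payload)
        mac = compute_mac(self.mac_key, self.send_seq, packet)
        self.send_seq = (self.send_seq + 1) & 0xFFFFFFFF
        return packet, mac

    def receive(self, packet: bytes, mac: bytes):
        """Return the payload, or None if the MAC does not verify. The counter only
        advances on success; a real implementation would disconnect on failure."""
        expected = compute_mac(self.mac_key, self.recv_seq, packet)
        if not hmac.compare_digest(expected, mac):
            return None
        self.recv_seq = (self.recv_seq + 1) & 0xFFFFFFFF
        pad_len = packet[4]
        return packet[5:len(packet) - pad_len]


def replay_demo():
    """Client sends three packets; an attacker replays the first one in the middle.
    Returns what the receiver accepted for each delivery (payload or None)."""
    client, server = Endpoint(MAC_KEY), Endpoint(MAC_KEY)
    p1 = client.send(PAYLOAD_1)
    p2 = client.send(PAYLOAD_2)
    p3 = client.send(PAYLOAD_3)
    return [
        server.receive(*p1),   # genuine, receiver expects seq 0
        server.receive(*p2),   # genuine, receiver expects seq 1
        server.receive(*p1),   # replay: MAC was made with seq 0, receiver expects 2
        server.receive(*p3),   # counter did not move on the failure, so seq 2 still verifies
    ]


if __name__ == "__main__":
    for i, result in enumerate(replay_demo()):
        print(i, "accepted" if result is not None else "REJECTED (bad MAC)")
```

Because the captured bytes are bit-for-bit identical, only the receiver-side counter distinguishes the replay from the original; that is why the counter must be per direction and must never be reset or transmitted.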