Figure 253 How SSH Works
Host Identification
1
The SSH client sends a connection request to the SSH server. The server identifies itself with a host
key. The client encrypts a randomly generated session key with the host key and server key and
sends the result back to the server.
The client automatically saves any new server public keys. In subsequent connections, the server
public key is checked against the saved version on the client computer.
Encryption Method
2
Once the identification is verified, both the client and server must agree on the type of encryption
method to use.
Authentication and Data Transmission
3
After the identification is verified and data encryption activated, a secure tunnel is established
between the client and the server. The client then sends its authentication information (user name
and password) to the server to log in to the server.
43.7 SSH Implementation on the Switch
Your Switch supports SSH version 2 using RSA authentication and three encryption methods (DES,
3DES and Blowfish). The SSH server is implemented on the Switch for remote management and file
transfer on port 22. Only one SSH connection is allowed at a time.
Chapter 43 Access Control
GS3700/XGS3700 Series User's Guide
365