07-08-2022 10:03 AM - edited 07-08-2022 11:20 AM
Hi, below is the process for a client such as a PC to access a server via SSH. Please see the "Session Encryption Negotiation" process below, which applies when a client tries to access a server via SSH. Usually we pick a PC to access the switch via SSH/PuTTY. We do not import any key into the switch or the PC. So how can the public key in the switch and the private key in the PC (PuTTY or CRT) match each other? Thank you.
Session Encryption Negotiation:
Upon receiving a connection request, the server sends the client a set of supported encryption protocols. The server uses the public key as the authentication method.
The client compares the protocols to its own set. If there are matching protocols, the machines agree to use one to establish the connection.
The client compares the server’s public key to the private key stored in its system on the first connection attempt. If the keys match, the client and the server agree to use symmetric encryption to communicate during the SSH session. For this purpose, they communicate using an asymmetrically encrypted process that employs the Diffie-Hellman (DH) key exchange algorithm.
07-08-2022 10:14 AM - edited 07-08-2022 10:14 AM
- Clients will usually try to negotiate the most secure cipher; from a client perspective, the available ciphers can also be probed with:
% nmap --script ssh2-enum-algos your-switch
M.
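The algorithm matching described in the negotiation steps above, which is also what `ssh2-enum-algos` lists for the server side, as an added example that is not part of the original posts. It builds and parses the SSH_MSG_KEXINIT name-lists from RFC 4253 section 7.1 and picks, per category, the first client algorithm the server also offers; the algorithm lists are constructed samples, `offer` is a hypothetical helper, and the extra key-exchange guess and host-key compatibility rules are left out.

```python
import struct

SSH_MSG_KEXINIT = 20
# Order of the ten name-lists inside SSH_MSG_KEXINIT (RFC 4253, section 7.1)
FIELDS = ["kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c"]

def build_kexinit(lists):
    """Encode: type byte, 16-byte cookie, ten name-lists, flag byte, reserved uint32."""
    out = bytes([SSH_MSG_KEXINIT]) + bytes(16)  # zero cookie (constructed; real cookies are random)
    for field in FIELDS:
        names = ",".join(lists.get(field, [])).encode("ascii")
        out += struct.pack(">I", len(names)) + names
    return out + b"\x00" + struct.pack(">I", 0)

def parse_kexinit(payload):
    """Decode the ten comma-separated name-lists, rejecting truncated input."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not a KEXINIT payload")
    pos, result = 17, {}
    for field in FIELDS:
        if pos + 4 > len(payload):
            raise ValueError("truncated length field")
        (n,) = struct.unpack_from(">I", payload, pos)
        pos += 4
        if pos + n > len(payload):
            raise ValueError("truncated name-list")
        raw = payload[pos:pos + n].decode("ascii")
        result[field] = raw.split(",") if raw else []
        pos += n
    return result

def negotiate(client, server):
    """Per category: first entry on the client's list that the server also lists."""
    chosen = {}
    for field in FIELDS[:8]:  # language lists are normally empty and skipped here
        match = next((a for a in client[field] if a in server[field]), None)
        if match is None:
            raise ValueError(f"no common algorithm for {field}")
        chosen[field] = match
    return chosen

def offer(kex, host_key, enc, mac):
    """Hypothetical helper: same lists in both directions, no compression."""
    return {"kex": kex, "host_key": host_key, "enc_c2s": enc, "enc_s2c": enc,
            "mac_c2s": mac, "mac_s2c": mac, "comp_c2s": ["none"], "comp_s2c": ["none"]}

# Constructed sample offers for a PC client and a switch
CLIENT = offer(["curve25519-sha256", "diffie-hellman-group14-sha256", "diffie-hellman-group14-sha1"],
               ["ssh-ed25519", "rsa-sha2-256", "ssh-rsa"], ["aes256-ctr", "aes128-ctr"], ["hmac-sha2-256", "hmac-sha1"])
SERVER = offer(["diffie-hellman-group14-sha1", "diffie-hellman-group14-sha256"],
               ["ssh-rsa", "rsa-sha2-256"], ["aes128-ctr", "aes256-ctr"], ["hmac-sha1", "hmac-sha2-256"])
NEGOTIATED = negotiate(parse_kexinit(build_kexinit(CLIENT)), parse_kexinit(build_kexinit(SERVER)))
```

The order of the server's lists does not change the result here: with a common entry present, the client's preference order decides.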
07-08-2022 10:51 AM - edited 07-08-2022 01:52 PM
@marce1000 Thanks for your reply. I changed the title and description due to the original one covering too much. Can you review it again?