What is public/private key exchange encryption and how does it work in SSH
Public-Key encryption can be confusing sometimes. Here is a quick summary to explain what it means and how it works in SSH.
milly 2:40 pm on December 15, 2010
To understand it better, first remember the following:
1. The public key is used for “encrypting” a message.
2. The private key is used for “decrypting” a message.
3. The public key and private key work as a pair, which means that if a message is encrypted by public key “abc123”, then ONLY private key “abc123” is able to decrypt the message.
Now, when two machines (machine A and machine B) connect for the first time, they exchange their own “public keys” (public key A is sent to machine B, and public key B is sent to machine A).
When the two machines continue with the communication, machine A uses public key B to encrypt the message first, then sends it to machine B, and machine B uses its own “private key B” to decrypt the message. The same works in the other direction.
In the SSH world, here is how it works:
The first time you connect to a machine, the public key(s) are exchanged, but SSH will warn you that it has never seen that computer before and cannot verify that it is the one you expect it to be. You can just continue connecting, which then creates a session (a random 256-bit number, encrypted with both host and server keys from the server). SSH will store the public key in a cache so that on follow-up connections it can compare the received public key with the cached version and verify the identity of the connecting machine.
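The cache comparison described above, as an added example that is not part of the original post. On the first connection there is nothing cached to compare against, so this sketch goes one step further than the text and stores the key only when its fingerprint matches one obtained out of band. The names `sample_key`, `check_host_key` and `machine-b` are hypothetical, the dictionary stands in for the `known_hosts` file, and the keys are constructed sample data.

```python
import base64
import hashlib
import struct


def sample_key(seed: int) -> str:
    """Constructed ssh-ed25519 public key blob (not a real host key), base64-encoded."""
    def ssh_string(data: bytes) -> bytes:
        return struct.pack(">I", len(data)) + data  # 4-byte length prefix, then data
    return base64.b64encode(ssh_string(b"ssh-ed25519") + ssh_string(bytes([seed]) * 32)).decode()


def fingerprint(key_b64: str) -> str:
    """SHA256 fingerprint in the form OpenSSH prints: unpadded base64 of the digest."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def check_host_key(cache, host, key_b64, expected_fp=None):
    """Compare the key a server presents with the cached copy for that host.

    cache maps host name -> base64 public key (a stand-in for known_hosts).
    expected_fp is a fingerprint obtained out of band, used on first contact only.
    """
    cached = cache.get(host)
    if cached is None:
        # First connection: nothing cached, so the only check possible is the
        # fingerprint comparison. Cache the key only if it matches.
        if expected_fp is not None and fingerprint(key_b64) == expected_fp:
            cache[host] = key_b64
            return "new-accepted"
        return "new-unverified"
    if cached == key_b64:
        return "known"
    # Same host name, different key: never overwrite the cache silently.
    return "CHANGED"


if __name__ == "__main__":
    cache = {}
    key_b, other = sample_key(1), sample_key(2)
    print(check_host_key(cache, "machine-b", key_b))                      # no fingerprint given
    print(check_host_key(cache, "machine-b", key_b, fingerprint(key_b)))  # verified, cached
    print(check_host_key(cache, "machine-b", key_b))                      # follow-up connection
    print(check_host_key(cache, "machine-b", other))                      # different key presented
```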