How SSH works
This section uses SSH2 as an example.
To establish an SSH connection and communicate with each other through the connection, an SSH client and an SSH server go through the stages listed in Table 18. For more information about these stages, see SSH Technology White Paper.
Table 18: Stages of secure session establishment
| Stages | Description |
|---|---|
| Connection establishment | The SSH server listens for connection requests on port 22. After a client initiates a connection request, the server and the client establish a TCP connection. |
| Version negotiation | The two parties negotiate and agree on the SSH protocol version to use. |
| Algorithm negotiation | SSH supports multiple algorithms. Based on the algorithms each side supports, the two parties determine the key exchange algorithm for generating session keys, the encryption algorithm for encrypting data, the public key algorithm for digital signatures and authentication, and the HMAC algorithm for protecting data integrity. |
| Key exchange | The two parties use the Diffie-Hellman (DH) key exchange algorithm to dynamically generate the session key that protects data transfer and the session ID that identifies the SSH connection. In this stage, the client also authenticates the server. |
| Authentication | The SSH server authenticates the client in response to the client's authentication request. |
| Session request | After passing authentication, the client sends a session request to the server to establish a session (Stelnet, SFTP, or SCP). |
| Interaction | After the server grants the request, the client and the server communicate with each other in the session. In the interaction stage, you can execute commands from the client by pasting them in text format (the text must be within 2000 bytes). The commands must be available in the same view; otherwise, the server might not execute them correctly. To execute more than 2000 bytes of commands, save the commands in a configuration file, upload it to the server through SFTP, and use that file to restart the server. |
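As an added example that is not from this guide or the device software it describes, the following Python code builds and parses the SSH_MSG_KEXINIT message exchanged in the algorithm negotiation stage and applies the RFC 4253 selection rule (the first algorithm in the client's preference list that the server also offers). The client and server algorithm lists are constructed sample values.

```python
import struct

# Added example: encode/parse SSH_MSG_KEXINIT (RFC 4253 section 7.1) and pick one algorithm.
SSH_MSG_KEXINIT = 20
KEXINIT_FIELDS = (  # ten name-lists, in wire order
    "kex_algorithms", "server_host_key_algorithms", "encryption_algorithms_c2s",
    "encryption_algorithms_s2c", "mac_algorithms_c2s", "mac_algorithms_s2c",
    "compression_algorithms_c2s", "compression_algorithms_s2c", "languages_c2s",
    "languages_s2c",
)

def encode_kexinit(cookie: bytes, lists: dict) -> bytes:
    # message id, 16-byte random cookie, then each name-list as uint32 length + bytes
    if len(cookie) != 16:
        raise ValueError("cookie must be 16 bytes")
    out = bytes([SSH_MSG_KEXINIT]) + cookie
    for field in KEXINIT_FIELDS:
        names = ",".join(lists.get(field, [])).encode("ascii")
        out += struct.pack(">I", len(names)) + names
    return out + b"\x00" + struct.pack(">I", 0)  # first_kex_packet_follows, reserved

def parse_kexinit(payload: bytes) -> dict:
    # inverse of encode_kexinit; every length is bounds-checked so truncated input raises
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not a KEXINIT payload")
    pos, lists = 17, {}
    for field in KEXINIT_FIELDS:
        if pos + 4 > len(payload):
            raise ValueError("truncated name-list length")
        (n,) = struct.unpack(">I", payload[pos:pos + 4])
        pos += 4
        if pos + n > len(payload):
            raise ValueError("truncated name-list")
        raw = payload[pos:pos + n].decode("ascii")
        lists[field] = raw.split(",") if raw else []
        pos += n
    return lists

def negotiate(client: dict, server: dict, field: str) -> str:
    # first algorithm in the client's preference order that the server also lists
    for name in client[field]:
        if name in server[field]:
            return name
    raise ValueError("no common " + field)

# Constructed sample: the client still lists a SHA-1 DH group first, the server does not.
CLIENT = {"kex_algorithms": ["diffie-hellman-group1-sha1", "curve25519-sha256"],
          "encryption_algorithms_c2s": ["aes128-ctr", "aes256-gcm@openssh.com"]}
SERVER = {"kex_algorithms": ["curve25519-sha256", "diffie-hellman-group14-sha256"],
          "encryption_algorithms_c2s": ["aes256-gcm@openssh.com", "aes128-ctr"]}
```

Because the client's order decides, a server that wants to retire a legacy algorithm must drop it from its own list, not merely rank it last.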