Establishing an SSH Connection
Issue 1 July 2006 67
4. The C360 derives its DH private key y and its DH public key f=(g^y)mod p, and sends the f
value to the client, its public host key and the digital signature calculated for all values
exchanged so far including f and public host key. The C360 uses DSA cipher and its host
private key to calculate the signature.
5. The SSH client verifies the C360 identity. It checks the C360 host public key validity against
the ~/.ssh/known_host file. This is the prompt that user receives if he or she connects to an
unknown SSH server. It checks the known_hosts file for the host key offered by the server
and prompts if it is not there or if it has changed
6. The SSH client verifies digital signature by decrypting it with DSA and the C360 host public
key. This and the step above are essential to prevent a "man-in-the middle" attack by
someone taking the C360 identity.
7. Using combination of each other public keys and their own private keys both parties now to
calculate Diffie-Hellman shared secret. C360 calculate the shared secret K=f^x mod p and
the client calculates K=e^ymod p. Both end up with the same value because of
commutativity of exponentiation. The shared key is never sent on wire ensuring its secrecy.
The shared session key used then for deriving the TDES symmetric key. All messages
exchanged between the parties from this point are encrypted with TDES using the derived
TDES key.
User AuthenticationBefore any data is transferred, the C360 requires the client to supply a user name and static
password. This authenticates the user on the client side to the C360.