Talk:Internet Technologies/SSH

Seems as though the description of the pk cryptography used by ssh is missing something. Having the client use the pubkey to encrypt data sent to the server is fine, but how does the server encrypt data back to the client? It can't use the same pubkey because the client does not have the private key to decrypt it. I am no SSH expert but I think the server's keypair is only used during initial handshaking when a random session key must be generated to encrypt the rest of the conversation going both directions. And unless I am mistaken that session key changes every so often too. Am I wrong?

The part about pk is wrong, since the client holds the private key and the server holds the public key in a file for authorized keys. Also, the public key isn't offered first; first the client should request "none" from the server as the authentication method, to which the server replies with all valid authentication methods like password, public-key, keyboard-interactive, and from there the client can decide what to offer to the server. But then again, public/private-key authentication doesn't have anything to do with session keys.


 * I agree that Internet Technologies/SSH needs a lot of work. However, I think this page should be a brief, practical overview -- I think detailed information answering the questions you asked should go over on OpenSSH/Cookbook/Authentication Keys. --DavidCary (discuss • contribs) 23:22, 30 March 2014 (UTC)
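The method negotiation described in the second comment above (a "none" request answered with the list of methods that can continue) corresponds to the SSH_MSG_USERAUTH_REQUEST and SSH_MSG_USERAUTH_FAILURE messages of RFC 4252. The following Python sketch is an added example, not part of the discussion or of OpenSSH; the user name `alice`, the sample reply and the helper names are constructed for illustration, and the payloads are shown as they look after the transport layer has decrypted them.

```python
import struct

SSH_MSG_USERAUTH_REQUEST = 50   # message numbers from RFC 4252
SSH_MSG_USERAUTH_FAILURE = 51

def ssh_string(data: bytes) -> bytes:
    """Encode an SSH 'string': uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def build_none_request(user: str) -> bytes:
    """Payload of the client's initial probe using the 'none' method."""
    return (bytes([SSH_MSG_USERAUTH_REQUEST])
            + ssh_string(user.encode("utf-8"))
            + ssh_string(b"ssh-connection")
            + ssh_string(b"none"))

def parse_userauth_failure(payload: bytes):
    """Return (methods_that_can_continue, partial_success)."""
    if len(payload) < 6 or payload[0] != SSH_MSG_USERAUTH_FAILURE:
        raise ValueError("not a well-formed SSH_MSG_USERAUTH_FAILURE payload")
    (length,) = struct.unpack(">I", payload[1:5])
    end = 5 + length
    if end + 1 != len(payload):
        raise ValueError("name-list length does not match payload size")
    names = payload[5:end].decode("ascii")
    methods = names.split(",") if names else []
    return methods, payload[end] != 0

def choose_method(offered,
                  preferred=("publickey", "keyboard-interactive", "password")):
    """Pick the first client-preferred method that the server will accept."""
    return next((m for m in preferred if m in offered), None)

# Constructed sample reply (hypothetical server configuration).
SAMPLE_FAILURE = (bytes([SSH_MSG_USERAUTH_FAILURE])
                  + ssh_string(b"publickey,password,keyboard-interactive")
                  + b"\x00")

if __name__ == "__main__":
    print(build_none_request("alice").hex())
    methods, partial = parse_userauth_failure(SAMPLE_FAILURE)
    print(methods, partial, choose_method(methods))
```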

There is a lot more to it that could be useful...
See and mine the Slashdot thread about an InfoWorld article (and look into that also for useful facts). The use of RSA keyfiles as shellscripts for the connections is interesting... --Panic (discuss • contribs) 19:34, 26 March 2012 (UTC)

scp(1) considered deprecated, use sftp(1) or rsync(1) instead
The instructions for scp(1) could be replaced with instructions for sftp(1) and rsync(1) because SCP itself is going away sooner rather than later:

"The scp protocol is outdated, inflexible and not readily fixed. We recommend the use of more modern protocols like sftp and rsync for file transfer instead." (OpenSSH release-8.0)

The examples should follow recommended best practices and avoid scp(1). I can try rewriting those parts, if no one else gets to them first.

Larsnooden (discuss • contribs) 07:37, 23 August 2023 (UTC)