1-2
The same key is used for both encryption and decryption. Supported symmetric key algorithms include
DES, 3DES, and AES, which can effectively prevent data eavesdropping.
z Asymmetric key algorithm
Asymmetric key algorithm is also called public key algorithm. Both ends have their own key pair,
consisting of a private key and a public key. The private key is kept secret while the public key may be
distributed widely. The private key cannot be practically derived from the public key. The information
encrypted with the public key/private key can be decrypted only with the corresponding private
key/public key.
Asymmetric key algorithm encrypts data using the public key and decrypts the data using the private
key, thus ensuring data security.
You can also use the asymmetric key algorithm for data signature. For example, user 1 adds his
signature to the data using the private key, and then sends the data to user 2. User 2 verifies the
signature using the public key of user 1. If the signature is correct, this means that the data originates
from user 1.
Both Revest-Shamir-Adleman Algorithm (RSA) and Digital Signature Algorithm (DSA) are asymmetric
key algorithms. RSA is used for data encryption and signature, whereas DSA is used for adding
signature. Currently the switch supports RSA and DSA.
Symmetric key algorithms are used for encryption and decryption of the data transferred on the SSH
channel while asymmetric key algorithms are used for digital signature and identity authentication.
SSH Operating Process
The session establishment between an SSH client and the SSH server involves the following five
stages:
Table 1-1 Stages in establishing a session between the SSH client and server
Stages Description
Version negotiation
SSH1 and SSH2 are supported. The two parties negotiate a
version to use.
Key and algorithm negotiation
SSH supports multiple algorithms. The two parties negotiate
an algorithm for communication.
Authentication
The SSH server authenticates the client in response to the
client’s authentication request.
Session request This client sends a session request to the server.
Data exchange
The client and the server start to communicate with each
other.
To Next Page
Loading...
