This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How to understand SSH Key exchange process?

0

Hi all,

I want to understand basic functional aspects behind SSH key exchange. I tried to understand looking at RFC but felt little complex for me to comprehend from it.

Here are the 7 Packets I got from t-shark using display filter "ssh.message_code"

SSHv2 Client: Key Exchange Init

SSHv2 Server: Key Exchange Init

SSHv2 Client: Diffie-Hellman Key Exchange Init

SSHv2 Server: Diffie-Hellman Key Exchange Reply

SSHv2 Client: Diffie-Hellman GEX Init

SSHv2 Server: Diffie-Hellman GEX Reply

SSHv2 Client: New Keys

If you find some time to reply please help me understand what each packet means to client/server

asked 12 Aug '13, 17:28

krishnayeddula's gravatar image

krishnayeddula
629354148
accept rate: 6%

edited 12 Aug '13, 17:29


One Answer:

2

This question is actually not really to Wireshark (although you used tshark) and thus it is a bit off-topic for this Q&A site.

A quick google search for ssh protocol explained returned several pages that explain the ssh protocol in detail.

Regards
Kurt

answered 13 Aug '13, 04:33

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%

Hi Kurt, When it comes to troubleshooting TCP , we start our conversation with their conversation(3-way handshake).Like wise i felt this is also a part of conversation in it's own approach(Key exchange)and hence i raised a question to understand it better from experts. Yah, thanks for your suggestion.I will look in to the material mentioned.

(13 Aug '13, 08:56) krishnayeddula
1

i raised a question to understand it better from experts

well, here are some Wireshark and networking/protocol experts and I'm sure someone would be able to explain the SSH protocol. But how much sense does it make to do that, while there are great resources available out there. After you have studied those resources you are more than welcome to come back and ask specific questions ;-)

(14 Aug '13, 04:33) Kurt Knochner ♦

Sound good:)

(14 Aug '13, 14:44) krishnayeddula