Understanding SSH from Its Name to Connection at Once, Part 1

What is 'this file' you receive when creating a server?

When you create a server in a cloud service such as NBP or AWS, you usually have to go through the step of creating an 'authentication key' or 'key pair'. Once you create it, you download a file in an unfamiliar format with a .pem extension. What is it? You know it is absolutely necessary for connecting to the server, but you don't know what it actually is, so it just sits on your computer.

In fact, this file is required by 'SSH', the security method that protects the server we created from external threats while we access it remotely. SSH was briefly introduced earlier in '4 ways to solve Linux security issues'.

SSH is the most representative and useful means of server security, which is why so many cloud services provide it in this form. So what exactly is SSH? To explain what this file is, you first need to know about SSH.

What is SSH?

SSH is an acronym for Secure Shell. It is a secure protocol used to connect to a remote host.

(*Shell: the interface through which you run commands and programs. More specifically, it acts as a bridge between the kernel and the user: it receives commands from the user, interprets them, and executes them. You can picture it as the familiar command-input environment with white letters on a black background.)

Older remote access uses a method called 'Telnet', but it is weak in security because it provides no encryption. In fact, with a packet analysis program such as Wireshark, anyone can easily steal data such as passwords and file contents transferred during a remote session. For this reason, SSH, which encrypts this traffic, emerged and is now an essential element of remote access security. And a server provided by a cloud service is by nature used through remote access. So when you create a server at a CSP (Cloud Service Provider, a company that provides cloud services) such as NBP or AWS, going through the SSH security process is essential.

How SSH Works

Now we have some understanding of the name and the necessity of SSH. So how on earth does SSH work, and how does it end up handing these files to users? There are various SSH security methods, but only the core of the most popular ones is covered here.

The most essential keyword in SSH is 'KEY'. The user (client) and the server (host) each have their own key, and they use these keys to authenticate the other party and to send and receive data securely. Two key methods come up here, the 'symmetric key' method and the 'asymmetric key (or public key)' method, and they are the terms you see most often when searching for SSH.

– Asymmetric key method

Let's go through the steps in order. First, the user and the server must prove their identities to each other. This is where the asymmetric key method is used. In the asymmetric key method, the server or the user creates a key pair. A key pair consists of two keys, a public key and a private key, usually in the form of a .pub file for the public key and a .pem file for the private key.

Let's take an example. When the user generates a key pair, the public key is sent to the server. A public key is literally a 'public' key, so anyone may have it; even if it leaks in transit, that is not a big problem. The server takes the public key and generates a random value locked with this public key. This value is like a test paper that checks whether the user holds the matching key pair.

The user who receives the test paper unlocks it with their private key. As mentioned earlier, the public key and private key come as a couple, so the test paper cannot be unlocked with any other public or private key. Only the private key and public key generated together as one key pair can interpret each other; in other words, nothing but the matching private key can unlock it.

Also, unlike the public key, the private key is a valuable file that you never show anyone else. So in the end the private key is the means of proof between the server and the user: the problem set with the public key can only be solved with the private key, and only the user has that private key. This file is the pem file we received when creating the server at the CSP. Returning to the process, the user sends the value obtained by unlocking the test paper back to the server.

The server compares the value received from the user with the value it originally generated. When the two values are equal, the server concludes, "This user has the correct private key matching the public key I hold, so I know who this user is!" and allows access. In this way, when connecting for the first time, authentication between the user and the server is completed through the asymmetric key method.
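As an added illustration (not code from the original post), here the exchange above is played out in Go with only the standard library: the server locks a 32-byte random value with the user's RSA public key, the user unlocks it with the private key, and the server accepts only if the returned value matches. The keys are generated on the spot for the demo rather than read from a .pem file.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Authenticate plays both sides of the "test paper" exchange described above.
// pub is the public key the user handed to the server; priv is the private key
// the user kept (the .pem file). The server locks a random value with pub and
// only accepts the user if the value that comes back equals the original.
func Authenticate(pub *rsa.PublicKey, priv *rsa.PrivateKey) bool {
	// Server side: draw the random value and lock it with the public key.
	challenge := make([]byte, 32)
	if _, err := rand.Read(challenge); err != nil {
		return false
	}
	sealed, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, challenge, nil)
	if err != nil {
		return false
	}
	// User side: unlock the test paper with the private key. A private key from
	// a different pair fails here instead of producing the original value.
	answer, err := rsa.DecryptOAEP(sha256.New(), nil, priv, sealed, nil)
	if err != nil {
		return false
	}
	// Server side: compare what came back with what it started from.
	return bytes.Equal(answer, challenge)
}

func main() {
	// Constructed keys for the demo; a real user keeps priv in the .pem file.
	user, _ := rsa.GenerateKey(rand.Reader, 2048)
	stranger, _ := rsa.GenerateKey(rand.Reader, 2048)
	fmt.Println("matching private key accepted:", Authenticate(&user.PublicKey, user))
	fmt.Println("other private key accepted:", Authenticate(&user.PublicKey, stranger))
}
```

Real SSH public-key authentication has the client sign a value tied to the session rather than decrypt a challenge, but the property shown is the same: only the holder of the matching private key passes.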

– Symmetric key method

Now that each side knows who the other is, it's time to exchange information. To keep information from leaking while it is sent and received, it is encrypted, and the method used here is the symmetric key method. Unlike the asymmetric key method, the symmetric key method uses only one key, which we call a symmetric key.

Let's continue the same example. The user or the server creates one symmetric key and shares it with the other side. When information is encrypted with the shared symmetric key, the receiving end decrypts it with the same symmetric key to read it. When the exchange is complete, the symmetric key used for that session is discarded, and a new symmetric key is generated and used whenever reconnecting later.
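As an added example (not from the original post), the symmetric phase in Go with only the standard library: one 32-byte session key shared by both sides encrypts each message with AES-GCM, so the receiver reads it with the same key, a tampered byte is rejected, and a key from a later session cannot open the old traffic. The command sent in main is a constructed sample.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

type Session struct{ aead cipher.AEAD } // one connection's shared key, ready to use
// NewSession takes the fresh 32-byte symmetric key both sides agreed on for
// this session and prepares AES-GCM, which both encrypts and authenticates.
func NewSession(key []byte) (*Session, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Session{aead: aead}, nil
}

// Seal encrypts one message; the random nonce is prepended so Open can find it.
func (s *Session) Seal(msg []byte) ([]byte, error) {
	nonce := make([]byte, s.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return s.aead.Seal(nonce, nonce, msg, nil), nil
}

// Open decrypts with the same key; another key or a tampered byte returns an error.
func (s *Session) Open(ct []byte) ([]byte, error) {
	ns := s.aead.NonceSize()
	if len(ct) < ns {
		return nil, fmt.Errorf("ciphertext too short")
	}
	return s.aead.Open(nil, ct[:ns], ct[ns:], nil)
}

func main() {
	key := make([]byte, 32) // fresh for this connection, discarded afterwards
	rand.Read(key)
	cur, _ := NewSession(key)
	ct, _ := cur.Seal([]byte("cat /etc/hostname")) // constructed sample command
	pt, _ := cur.Open(ct)
	fmt.Printf("on the wire: %x\nreceiver reads: %s\n", ct, pt)
}
```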

In this way, you can see that the whole sequence of a remote connection is handled securely through SSH. Now that you have the full picture of SSH, in Part 2 we will take a closer look at generating an SSH key pair and applying it to the server, step by step.
