Yorkville High School Computer Science Department
Yorkville High School Computer Science Department on Facebook  Yorkville High School Computer Science Department Twitter Feed  Yorkville High School Computer Science Department on Instagram

Yorkville High School Computer Science

ASSIGNMENTS: Build a Computer - September 25, 2018 :: Network App - December 14, 2018

Computer Security :: Lessons :: HTTPS and SSH

HTTPS

HTTPS is the combination of HTTP and SSL to implement secure communication between a web browser and a web server. All major web browsers support HTTPS so its use depends on the web server supporting it. HTTPS use has increased recently because of campaigns such as Let's Encrypt. A normal HTTP connection will connect through port 80 while HTTPS will connect through port 443 to invoke SSL. The following elements are encrypted when HTTPS is used:

SSH

Secure Shell (SSH) is a simple and inexpensive network protocol that can be used for network functions such as file transfer and email. SSH is organized as three protocols that run on top of TCP:

Server authentication occurs at the transport layer with the server possessing a public/private key pair. The figure below illustrated the sequence of events in the Transport Layer Protocol. SSH Transport Layer Protocol

Once a connection is established between the server and the client they exchange data, referred to as packets, in the data field of a TCP segment. The packet is in the following format:

SSH Transport Layer Packet Formation

Message exchange for user authentication involves the following steps:

  1. The clients sends a SSH_MSG_USERAUTH_REQUEST with a requested method of "none."
  2. The server checks to determine if the user name is valid and proceeds to step 3 if it is valid.
  3. The server returns SSH_MG_USERAUTH_FAILURE with a list of one or more authentication methods to be used.
  4. The client selects of of the authentication methods and sends a SSH_MSG_USERAUTH_REQUEST with the method name and required fields.
  5. If authentication succeeds and more authentication methods are required, the server returns to step 3 using a partial success value of true. If authentication fails it returns to step 3 with a partial success value of false.
  6. When all required authentication methods success, the server sends a SSH_MSG_USERAUTH_SUCCESS message.

Some of the potential authentication methods include publickey, which contains details based on the public-key algorithm that is in use; password, which sends a plaintext password protected by encryption; and hostbased, which authenticates on the client side.

Finally, the secure authentication connection, referred to as a tunnel is used to multiplex, or combine, several channels. Below are the four channel types recognized in SSH:

Yorkville High School Computer Science Department on Facebook Yorkville High School Computer Science Department Twitter Feed Yorkville High School Computer Science Department on Instagram