-
-
Save ipeacocks/769a7f865c553d42348270f4a2fcdc02 to your computer and use it in GitHub Desktop.
SSH with asymmetric key UML Sequence
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@startuml | |
participant Client as C | |
participant Server as S | |
Title SSH Asymmetric Internals Sequence | |
== Initial Connection == | |
C --> S: Connection establishment request | |
S --> C: Here are the protocols I support & my public host-key (identifier) | |
C --> C: Do I support these methods? (If None Supported Fail) | |
== Diffie-Hellman == | |
C <-> S: Agree publicly on `prime modulus`(PM) & `generator`(G) | |
C --> C: Generate private random number (PRNI) | |
C --> C: Generate public random number (PRNS) = G<sup>PRNI</sup>%PM) | |
C --> S: sends PRNS | |
S --> S: Generate private random number (PRNI) | |
S --> S: Generate public random number (PRNS) = G<sup>PRNI</sup>%PM) | |
S --> C: sends PRNS | |
C --> C: Use Server PRNS<sup>PRNI</sup>%PM to generate shared secret (SS) | |
S --> S: Use Client PRNS<sup>PRNI</sup>%PM to generate shared secret (SS) | |
== Authentication (asymmetric key) == | |
C --> S: Transmit identity seeking to prove | |
S --> S: Verify account being accessed contains identity supplied | |
...If identity Not Found Fail... | |
S --> S: Generate new private random number (PRNC) | |
S --> S: Encrypt PRNC (PRNCE) with the public-key found | |
S --> C: Send Client PRNCE | |
C --> C: Attempt to decrypt PRNCE using private-key matching sent identity | |
C --> S: Send Hash of the SS & decrypted PRNCE (VHASH) | |
S --> S: Generates hash & compares hash to VHASH | |
...If Not Matching Fail... | |
@enduml |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment