version 1.308, 2019/11/30 07:07:59 |
version 1.309, 2019/12/17 16:21:07 |
|
|
host key against its own database to verify that it has not changed. |
host key against its own database to verify that it has not changed. |
Forward security is provided through a Diffie-Hellman key agreement. |
Forward security is provided through a Diffie-Hellman key agreement. |
This key agreement results in a shared session key. |
This key agreement results in a shared session key. |
The rest of the session is encrypted using a symmetric cipher, currently |
The rest of the session is encrypted using a symmetric cipher. |
128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES. |
|
The client selects the encryption algorithm |
The client selects the encryption algorithm |
to use from those offered by the server. |
to use from those offered by the server. |
Additionally, session integrity is provided |
Additionally, session integrity is provided |
through a cryptographic message authentication code |
through a cryptographic message authentication code. |
(hmac-md5, hmac-sha1, umac-64, umac-128, |
|
hmac-sha2-256 or hmac-sha2-512). |
|
.Pp |
.Pp |
Finally, the server and the client enter an authentication dialog. |
Finally, the server and the client enter an authentication dialog. |
The client tries to authenticate itself using |
The client tries to authenticate itself using |