Skip to content

Instantly share code, notes, and snippets.

@Lewiscowles1986
Last active November 16, 2021 06:22
Show Gist options
  • Save Lewiscowles1986/d4c554e503d1ebcb12ebff127383d673 to your computer and use it in GitHub Desktop.
Save Lewiscowles1986/d4c554e503d1ebcb12ebff127383d673 to your computer and use it in GitHub Desktop.
SSH with asymmetric key UML Sequence
Display the source blob
Display the rendered blob
Raw
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@startuml
participant Client as C
participant Server as S
Title SSH Asymmetric Internals Sequence
== Initial Connection ==
C --> S: Connection establishment request
S --> C: Here are the protocols I support & my public host-key (identifier)
C --> C: Do I support these methods? (If None Supported Fail)
== Diffie-Hellman ==
C <-> S: Agree publicly on `prime modulus`(PM) & `generator`(G)
C --> C: Generate private random number (PRNI)
C --> C: Generate public random number (PRNS) = G<sup>PRNI</sup>%PM)
C --> S: sends PRNS
S --> S: Generate private random number (PRNI)
S --> S: Generate public random number (PRNS) = G<sup>PRNI</sup>%PM)
S --> C: sends PRNS
C --> C: Use Server PRNS<sup>PRNI</sup>%PM to generate shared secret (SS)
S --> S: Use Client PRNS<sup>PRNI</sup>%PM to generate shared secret (SS)
== Authentication (asymmetric key) ==
C --> S: Transmit identity seeking to prove
S --> S: Verify account being accessed contains identity supplied
...If identity Not Found Fail...
S --> S: Generate new private random number (PRNC)
S --> S: Encrypt PRNC (PRNCE) with the public-key found
S --> C: Send Client PRNCE
C --> C: Attempt to decrypt PRNCE using private-key matching sent identity
C --> S: Send Hash of the SS & decrypted PRNCE (VHASH)
S --> S: Generates hash & compares hash to VHASH
...If Not Matching Fail...
@enduml
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment