• Post author:
  • Post category:Blog
  • Reading time:2 mins read
  • Post last modified:June 12, 2024

If a client connected to a server using SSHv1 previously, how should the client be able to authenticate the server?

  • The same encryption algorithm will be used each time and will be in the client cache.
  • The server will autofill the stored password for the client upon connection.
  • The client will receive the same public key that it had stored for the server.
  • The server will not use any asymmetric encryption, and jump right to symmetric encryption.
Explanation & Hint:

When a client connects to a server using SSH (Secure Shell), server authentication typically involves the server providing its public key to the client. If the client has connected to the server previously, it should perform the authentication as follows:

  • The client will receive the same public key that it had stored for the server.

The client maintains a cache of known host keys for servers it has connected to in the past (usually stored in a known hosts file). When it connects to the server again, the server presents its public key, and the client checks this key against the one in its cache. If the keys match, it indicates that the server is the same one the client connected to previously, and the server is authenticated. If there’s a mismatch, it could be a sign of a potential man-in-the-middle attack, and the client will typically warn the user before proceeding.

It’s important to note that SSHv1 has known security vulnerabilities and should not be used; SSHv2 is the recommended version due to its enhanced security features.

For more Questions and Answers:

Data Security Post-Assessment | CBROPS

Notify of
Inline Feedbacks
View all comments