1-2The same key is used for both encryption and decryption. Supported symmetric key algorithms includeDES, 3DES, and AES, which can effectively prevent data eavesdropping.z Asymmetric key algorithmAsymmetric key algorithm is also called public key algorithm. Both ends have their own key pair,consisting of a private key and a public key. The private key is kept secret while the public key may bedistributed widely. The private key cannot be practically derived from the public key. The informationencrypted with the public key/private key can be decrypted only with the corresponding privatekey/public key.Asymmetric key algorithm encrypts data using the public key and decrypts the data using the privatekey, thus ensuring data security.You can also use the asymmetric key algorithm for data signature. For example, user 1 adds hissignature to the data using the private key, and then sends the data to user 2. User 2 verifies thesignature using the public key of user 1. If the signature is correct, this means that the data originatesfrom user 1.Both Revest-Shamir-Adleman Algorithm (RSA) and Digital Signature Algorithm (DSA) are asymmetrickey algorithms. RSA is used for data encryption and signature, whereas DSA is used for addingsignature. Currently the switch supports RSA and DSA.Symmetric key algorithms are used for encryption and decryption of the data transferred on the SSHchannel while asymmetric key algorithms are used for digital signature and identity authentication.SSH Operating ProcessThe session establishment between an SSH client and the SSH server involves the following fivestages:Table 1-1 Stages in establishing a session between the SSH client and serverStages DescriptionVersion negotiation SSH1 and SSH2 are supported. The two parties negotiatea version to use.Key and algorithm negotiation SSH supports multiple algorithms. The two partiesnegotiate an algorithm for communication.Authentication The SSH server authenticates the client in response to theclient’s authentication request.Session request This client sends a session request to the server.Data exchange The client and the server start to communicate with eachother.
