Excalidraw Data
Text Elements
client
server
TCP handshake SYN ACK all that good stuff
SSH version server pub key
check known_hosts
is server’s pub key in known_hosts?
proceed
ask if user wants to trust
save to known_hosts
abort
yes
no
yes
no
proceed
DH key negotiation
client pub key id
check authorized_keys
Key negotiation stage
check if client key id in authorized_keys
proceed
if password auth is allowed
prompting client for username and password
abort
yes
no
yes
no
proceed
generates random number, encrypted with client pub key
random challenge
decrypts challenges, MD5 hash(session_key, random_num)
MD5 hash value
calculates its own MD5 hash(session_key, random_num)
compare 2 hash values, decides whether auth passed
Client authentication stage [everything is encrypted here]