SSHv1 connection process
Answer:
• Client connects to server and server presents client with its public key.
• Client and server agree to a mutually supported symmetric encryption algorithm. This negotiation occurs in the clear. A party that intercepts the communication will be aware of the encryption algorithm that is agreed upon.
• Client constructs session key and encrypts it with the server's public key. Only the server has the appropriate private key that can decrypt the session key.
• Client sends encrypted session key to server. Server decrypt session key using its private key. Now both client and server have the shared session key. That key is not available to any other systems. From this point on, the session between the client and server is encrypted using a symmetric encryption algorithm.
• With privacy in place, user authentication ensues. The user's credentials and all other data are protected.