4 ssh.sd

UML text editor & user manual Dec2007

#!>>
#!Multithreading should be disabled.
#!<<
#![SD SSH2]
user:Actor
RNG:RandomNumberGenerator
known_hosts:Local_File
/ssh2:AskMySelf
ssh:Client[p] "SSH-Client"
ordinary_tcp_layer_local:Layer_End
/transport_protocol_layer_local:Local_End
user_authentication_protocol_layer_local:Local_End
connection_protocol_layer_local:Local_End
ether:Net "Ethernet"
/shared_secret:DiffieHellman
net:Work "Network"
connection_protocol_layer_remote:Layer_End
user_authentication_protocol_layer_remote:Layer_End
/transport_protocol_layer_remote:Layer_End
ordinary_tcp_layer_remote:Layer_End
sshd:Daemon [p] "sshd"
/sshd2:AskMySelf
dsa_host_key:Remote_File
openPAM:Remote_Authentication_Scheme



user:ssh.sshd -2 lipovitan(at)192:168:19:141

ssh:ordinary_tcp_layer_local.us-ascii: "hello, i'm a mac<CR><LF>" (to port22-->)
ordinary_tcp_layer_local:ordinary_tcp_layer_remote.us-ascii: "hello, i'm a mac<CR><LF>" (to port22-->)
ordinary_tcp_layer_remote:sshd.(from port22-->) us-ascii: "hello, i'm a mac<CR><LF>"

sshd:ordinary_tcp_layer_remote.(<--to port22) us-ascii: "SSH-2:0-OpenSSH_4:5p1 FreeBSD-20061110<CR><LF>"
ordinary_tcp_layer_remote:ordinary_tcp_layer_local.(<--to port22) us-ascii: "SSH-2:0-OpenSSH_4:5p1 FreeBSD-20061110<CR><LF>"
ordinary_tcp_layer_local:ssh.(<--to port22) us-ascii: "SSH-2:0-OpenSSH_4:5p1 FreeBSD-20061110<CR><LF>"

sshd:ordinary_tcp_layer_remote.
ordinary_tcp_layer_remote:ordinary_tcp_layer_local.
ordinary_tcp_layer_local:ssh.

ssh:ordinary_tcp_layer_local.
ordinary_tcp_layer_local:ordinary_tcp_layer_remote.
ordinary_tcp_layer_remote:sshd.

ssh:transport_protocol_layer_local.new
sshd:transport_protocol_layer_remote.new

sshd:transport_protocol_layer_remote.SSH_MSG_KEXINIT (beggining 'binary packet parameter negotiation' stage of 'key exchange' phase)
transport_protocol_layer_remote:transport_protocol_layer_local.SSH_MSG_KEXINIT (beggining 'binary packet parameter negotiation' stage of 'key exchange' phase)
transport_protocol_layer_local:ssh.SSH_MSG_KEXINIT (beggining 'binary packet parameter negotiation' stage of 'key exchange' phase)

sshd:transport_protocol_layer_remote.
transport_protocol_layer_remote:transport_protocol_layer_local.
transport_protocol_layer_local:ssh.

ssh:transport_protocol_layer_local.
transport_protocol_layer_local:transport_protocol_layer_remote.
transport_protocol_layer_remote:sshd.

ssh:transport_protocol_layer_local.cookie (random bytes used later)
transport_protocol_layer_local:transport_protocol_layer_remote.cookie (random bytes used later)
transport_protocol_layer_remote:sshd.cookie (random bytes used later)

sshd:transport_protocol_layer_remote.cookie (random bytes used later)
transport_protocol_layer_remote:transport_protocol_layer_local.cookie (random bytes used later)
transport_protocol_layer_local:ssh.cookie (random bytes used later)

sshd:transport_protocol_layer_remote.
transport_protocol_layer_remote:transport_protocol_layer_local.
transport_protocol_layer_local:ssh.

ssh:transport_protocol_layer_local.
transport_protocol_layer_local:transport_protocol_layer_remote.
transport_protocol_layer_remote:sshd.

ssh:transport_protocol_layer_local.kex_algorithms, server_host_key_algorithms
transport_protocol_layer_local:transport_protocol_layer_remote.kex_algorithms, server_host_key_algorithms
transport_protocol_layer_remote:sshd.kex_algorithms, server_host_key_algorithms

sshd:transport_protocol_layer_remote.kex_algorithms, server_host_key_algorithms
transport_protocol_layer_remote:transport_protocol_layer_local.kex_algorithms, server_host_key_algorithms
transport_protocol_layer_local:ssh.kex_algorithms, server_host_key_algorithms

ssh:transport_protocol_layer_local.encryption_algorithms (symmetric)
transport_protocol_layer_local:transport_protocol_layer_remote.encryption_algorithms (symmetric)
transport_protocol_layer_remote:sshd.encryption_algorithms (symmetric)

sshd:transport_protocol_layer_remote.encryption_algorithms (symmetric)
transport_protocol_layer_remote:transport_protocol_layer_local.encryption_algorithms (symmetric)
transport_protocol_layer_local:ssh.encryption_algorithms (symmetric)

ssh:transport_protocol_layer_local.mac_algorithms
transport_protocol_layer_local:transport_protocol_layer_remote.mac_algorithms
transport_protocol_layer_remote:sshd.mac_algorithms

sshd:transport_protocol_layer_remote.mac_algorithms
transport_protocol_layer_remote:transport_protocol_layer_local.mac_algorithms
transport_protocol_layer_local:ssh.mac_algorithms

ssh:transport_protocol_layer_local.compression_algorithms
transport_protocol_layer_local:transport_protocol_layer_remote.compression_algorithms
transport_protocol_layer_remote:sshd.compression_algorithms

sshd:transport_protocol_layer_remote.compression_algorithms
transport_protocol_layer_remote:transport_protocol_layer_local.compression_algorithms
transport_protocol_layer_local:ssh.compression_algorithms

sshd:transport_protocol_layer_remote.
transport_protocol_layer_remote:transport_protocol_layer_local.
transport_protocol_layer_local:ssh.

ssh:transport_protocol_layer_local.
transport_protocol_layer_local:transport_protocol_layer_remote.
transport_protocol_layer_remote:sshd.

ssh:transport_protocol_layer_local.first_kex_packet_follows
transport_protocol_layer_local:transport_protocol_layer_remote.first_kex_packet_follows
transport_protocol_layer_remote:sshd.first_kex_packet_follows

ssh:transport_protocol_layer_local.client's "guessed protocol" packet
transport_protocol_layer_local:transport_protocol_layer_remote.client's "guessed protocol" packet
transport_protocol_layer_remote:sshd.client's "guessed protocol" packet

sshd:transport_protocol_layer_remote.server's "guessed protocol" packet
transport_protocol_layer_remote:transport_protocol_layer_local.server's "guessed protocol" packet
transport_protocol_layer_local:ssh.server's "guessed protocol" packet

ssh:ssh2.new
ssh:ssh2.if guessed_algorithm matches, proceed
ssh:ssh2.otherwise ignore next packet
ssh2:ssh.guessed_algorithm matches
ssh:ssh2.let's stick to this packet for key exchange

sshd:sshd2.new
sshd:sshd2.if guessed_algorithm matches, proceed
sshd:guessed_algorithm matches=sshd2.otherwise ignore next packet
sshd:sshd2.let's stick to this algorithm for key exchange

ssh:shared_secret.new
ssh:shared_secret.new shared secret generated every gigabyte or every hour
ssh:big random number=RNG.gimme a big random number

ssh:=transport_protocol_layer_local.diffie-hellman
transport_protocol_layer_local:shared_secret.diffie-hellman

sshd:transport_protocol_layer_remote.diffie-hellman
transport_protocol_layer_remote:shared_secret.diffie-hellman

shared_secret:shared_secret.shared_secret (used for generating encryption and authentication keys)
shared_secret:shared_secret.exchange_hash (permanent session identifier (does not change with "hourly" new keys))


ssh:transport_protocol_layer_local.SSH_MSG_NEWKEYS (begin using new keys (this message is sent with old keys))
transport_protocol_layer_local:transport_protocol_layer_remote.SSH_MSG_NEWKEYS
transport_protocol_layer_remote:sshd.SSH_MSG_NEWKEYS

sshd:transport_protocol_layer_remote.SSH_MSG_NEWKEYS (begin using new keys (this message is sent with old keys))
transport_protocol_layer_remote:transport_protocol_layer_local.SSH_MSG_NEWKEYS
transport_protocol_layer_local:ssh.SSH_MSG_NEWKEYS



sshd:ordinary_tcp_layer_remote.
ordinary_tcp_layer_remote:ordinary_tcp_layer_local.
ordinary_tcp_layer_local:ssh.

ssh:ordinary_tcp_layer_local.
ordinary_tcp_layer_local:ordinary_tcp_layer_remote.
ordinary_tcp_layer_remote:sshd.

ssh:transport_protocol_layer_local.SSH_MSG_SERVICE_REQUEST ssh_userauth (i need authentication!)
transport_protocol_layer_local:transport_protocol_layer_remote.SSH_MSG_SERVICE_REQUEST ssh_userauth
transport_protocol_layer_remote:sshd.SSH_MSG_SERVICE_REQUEST ssh_userauth
sshd:sure=openPAM.can you authorize for the lipovitan account now?