On 03/27/2016 05:46 PM, David Thornton wrote:
So when you ssh into something it doesn't send silly stings like "username:" or "password:" . That stuff is handed "in protocol" .
It's encrypted by a key that's only used once. This means that even if the text is full of known words, it's still extremely difficult to break. Also, with modern encryption, multiple instances of the same word have different encrypted strings. If the keys were continuously used, for a lot of data, then it might be possible to crack the code. However, with a single use key and modern encryption techniques, then it becomes extremely difficult. So, to recap, the public/private keys are used to protect a secret key that's only used for one session, if even that long and the encryption process prevents repeat encryption of a given plain text to encrypted text. This results in almost random encrypted data, which is extremely difficult to break.