SSH - Authentication



The client tries to authenticate itself using:

  • host-based authentication,
  • public key authentication,
  • challenge-response authentication,
  • or password authentication.

If the client successfully authenticates itself, a dialog for preparing the session is entered.

At this time the client may request things like:

  • allocating a pseudo-tty,
  • forwarding X11 connections,
  • forwarding TCP connections,
  • or forwarding the authentication agent connection over the secure channel.

The two sides enters then in session mode.


You cannot pass the password via stdin. This is by designed.

ssh uses direct TTY access to make sure that the password is indeed issued by an interactive keyboard user.

Powered by ComboStrap