Version 4.1 - 2.0 SSH
This is a topic that is more vast than it looks. Most of us know SSH because we SSH to a device. But SSH is more than that - think of SFTP (SSH File Transfer) and all those other protocols "over SSH" that we use. From the Wikipedia page: "SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server." I'm not sure how deep the exam will go on this, but I'm going to focus on the outline of it to keep it reasonable. If you want to know more, you can explore The SSH Page where you can see a picture of the guy who invented SSH and learn more about it than you would ever want to know. However, one of the things you may want to know is on the Malware page of this site. It covers Malware that uses SSH keys to gain root privilege and spread attacks (very interesting info there).
RFC 4235 covers the SSH Transport Layer Protocol and is updated with RFC 6668 to cover the SHA-2 family in SSH (recommended). SSH currently uses SHA-1 or MD5. Authentication at the protocol level is host-based. The SSH protocol does not perform "user" authentication (the higher level application that uses SSH is actually what is performing the user authentication that you commonly see). SSH is normally used over TCP port 22. RFC 4235 covers SSH version 2.0 (which is the latest version). Although this RFC covers the protocol, the architecture of the protocol is found in RFC 4251.
SSH consists of three major components:
* The Transport Layer Protocol
* The User Authentication Protocol
* The Connection Protocol
"The Transport Layer Protocol provides server authentication, confidentiality, and integrity. It may optionally also provide compression. The transport layer will typically be run over a TCP/IP connection, but might also be used on top of any other reliable data stream. The User Authentication Protocol authenticates the client-side user to the server. It runs over the transport layer protocol. The Connection Protocol multiplexes the encrypted tunnel into several logical channels. It runs over the user authentication protocol."
Now if you look at the above and see that there is a "User Authentication Protocol" and I said that it doesn't perform "user" authentication - this looks strange, right? It is the context of the words that can cause confusion. The server has a key that it uses in the authentication negotiation. If you've ever changed the host name or domain on a router that you have previously used SSH to access and then tried to SSH to it again (or zeroized and regenerated the keys) - you get that weird message from your ssh client that something's fishy and you should run away from this device right now! [IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!] Normally, you delete the cached keys from that server and attempt to connect again. Well, this is the "authentication" they are referring to in User Authentication. It is your host machine's key that is authenticating to the server (not your username and password). The username and password part that you are used to when you remote access a device using SSH is actually in the application (the implementation of SSH for remote access by the IOS).
And since this is a Cisco exam, it would be wise to take a look at Configuring Secure Shell on Routers and Switches Running Cisco IOS if you are not already familiar with this.
You may get questions on SSH v1 vs SSH v2 in some fashion. This Cisco Doc has some good information that may be helpful. In practice, if you're having trouble implementing version 2, you probably don't have a large enough key size. Zeroize and regenerate the RSA key with a size greater than or equal to 768 bits. Then the "ip ssh version 2" command will work.
I think this is enough on the SSH protocol itself. I don't think it will go much deeper than that on the protocol itself. Mainly, anything else would be covered under the implementation of an application over SSH.