Goals of SSH Configuration and Use
This flowchart shows the steps involved in making a trustworthy yet still convenient SSH connection.
User logs in on a client desktop system and starts an SSH agent.
User types SSH key passphrase and enables single-sign-on.
User requests a connection to a remote SSH server.
Client and server hosts authenticate to each other. They have been configured to do this in a trustworthy way, rather than asking the user an impossible-to-answer question about server SSH keys to which the user will simply answer "yes".
Client and server hosts negotiate a cipher and session key.
The user is connected using cryptographic authentication. There is no need to send the password to the remote server.
The remote server can apply access control rules when the connection is first requested, and also during the attempted authentication request.
All this is easy to set up if done according to a well organized plan. Start with Step 1 below to see how to configure and use SSH securely: