How do we know/prove that ssh is working and encrypting our sessions? I am learning i think I got ssh working on my Win2K box with puTTY - Win32 client (http://www.chiark.greenend.org.uk/~sgtatham/putty/) , my RH7 box and I think I even got it working on my Computer Science account (Solaris 8). How do I figure out that they are working and not transmitting my information plaintext? Packet sniff?
Any Ideas?
I am used to the notion that you can test things to prove that they work. I guess you could blame this on being thorough and scientific.

ex: In C++ I want something to happen exactly 4 times.
<stupid example>
for( int i = 0; i < 4; i++)
{
cout << i << endl;
}
</stupid example>
Are there and proofs/tests/applications to show that ssh is working? anything along the same lines as the "Locked Lock" icon o netscape when we visit a SSL enabled page?


------------------
UnderScore
_

Well #1. Its workin #2. If you really want to check, download and install "tcpdump" and RTFM and see what is actually going through your connection between the two

Mindwarp

Tcpdump will help you see this, yes. Maybe another idea, is to finish installing it. When you have done this right, you will know it's working. How? When you connect, instantly, you will be asked for your passphrase. Then, and only then, will the login prompt appear. You will then be asked for the password to your account, as before. Usually this involves something named ssh-pubkeymgr, or something similar. What's happening is, you are installing your pub key in the other box, in it's keyring. Now, he knows who you say you are, so he uses your pub key to encrypt to you. If your private key is kept secure, only you can converse with him. Even a person with your passphrase and password is still not going to get in, because he doesn't have the private key. Both boxes see only gibberish, and hang up. Besides, it's more fun when it works that way, Ithink. http://www.linuxnewbie.org/ubb/smile.gif Ray.

------------------
ray@raymondjones.net
HTTP://www.raymondjones.net

You could run ssh in verbose mode too eg. ssh -v ,when you supply more v's (-vv) it will increase the amount of debug so you can see what exactly happens when ssh session is in progress.Another option would be to run packet sniffer (etheral comes to mind,although there's more).Hope this helps.

You could also try using dsniff and/or snort and see what they give you when you login. One of the two was great for parsing out uname/passwords on connections such as telnet/pop/etc.. Can't remember which now.

-r

Some good ideas.
Thanks I will try them.