Operation of the Server Daemon
When sshd2 is started, it begins to listen on a
port for incoming connections. The default port is port 22, the
well-known port for Secure Shell. This can be changed to suit a
custom environment, e.g. if you want to run sshd2 from a
non-privileged account; however, make sure that no other
process is using the port you plan to use.
The Secure Shell daemon can also be started from the Internet
daemon inetd. For the purpose of this text, it
is assumed that sshd2 is not invoked through inetd
but started on its own.
While the daemon is listening, it waits until a
client initiates a connection. Once connected, the
daemon forks a child process, which in turn initiates key
exchange with the client. The child process handles the actual
connection with the client, including authentication, negotiation
of supported ciphers, encrypted data transfer, and termination of
the connection. After the connection has been terminated, the
child process terminates as well. The parent process continues
listening for other connections until explicitly stopped.
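
The accept-and-fork model described above, as an added Python example that is not sshd2's own code. The names handle, serve and demo, the loopback address and the pid reply are assumptions for illustration; the child only reports its pid where sshd2 would perform key exchange and authentication.

```python
import os
import socket

def handle(conn):
    """Child: stands in for key exchange, authentication and the session."""
    with conn:
        conn.sendall(f"{os.getpid()}\n".encode())  # report which process served us

def serve(listener, max_conns):
    """Parent: accept, fork one child per connection, go back to listening."""
    children = []
    for _ in range(max_conns):           # a real daemon loops until stopped
        conn, _peer = listener.accept()
        pid = os.fork()
        if pid == 0:
            try:
                listener.close()         # child has no use for the listening socket
                handle(conn)
            finally:
                os._exit(0)              # child ends when its connection ends
        conn.close()                     # parent keeps no handle on the session
        children.append(pid)
    for pid in children:                 # reap children so none remain as zombies
        os.waitpid(pid, 0)

def demo(clients=3):
    """Run the daemon in the background and connect `clients` times."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))      # constructed: ephemeral loopback port, not 22
    listener.listen(8)
    addr = listener.getsockname()
    daemon = os.fork()
    if daemon == 0:
        try:
            serve(listener, clients)
        finally:
            os._exit(0)
    listener.close()
    served_by = []
    for _ in range(clients):
        with socket.create_connection(addr) as c, c.makefile() as f:
            served_by.append(int(f.readline()))
    os.waitpid(daemon, 0)
    return daemon, served_by

if __name__ == "__main__":
    daemon, served_by = demo()
    print(f"listener pid {daemon}, connections served by pids {served_by}")
```

Each connection is answered by a process other than the listener, so a fault in one session's handling is confined to that child while the parent keeps accepting.
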
Login Process
When a user successfully logs in, sshd2 performs
the following operations:
- Changes to run with normal user privileges.
- Sets up a basic environment.
- Reads /etc/environment if it exists.
- Changes to the user's home directory.
- Runs the user's shell or specified command.