4 Algorithms and methods
The ssh2 protocol is designed for extensibility as described in the Protocol architecture section.
When the key-exchange process starts, the client and server programs agree on the ssh2 algorithms that will be used to secure the connection. There are five types of algorithms that need to be agreed upon: key-exchange algorithms, host authentication algorithms, cipher algorithms, message authentication algorithms and compression algorithms.
The library comes with modules that implement various algorithms for the ssh2 protocol. Some provided modules use builtin crypto implementation and other rely on external libraries like Libgcrypt and OpenSSL. A subset of the modules provided as part of assh allows running the ssh2 protocol without relying on any external library. Additional modules can be added in order to support alternate implementations as well as new algorithms and hardware acceleration.
There are also multiple features of the protocol that are named and negotiated independently of the key-exchange process. This is the case of services and user authentication methods, for instance.
The following subsections list supported algorithms, authentication methods and key formats.