SSH Features · Chapter 4

The next message, with a message value of 2, is SSH_MSG_IGNORE. This message type has been used in the protocol to work around some of the key exchange problems in various methods. It has been combined with other messages to send parts of the password. It has also been used to pass information from server to client that established some of the client information but did not need to be processed by the client session.

Message type 4, SSH_MSG_DEBUG, is used to send session debugging information for diagnosing SSH sessions that do not connect successfully. Types 5 and 6, SSH_MSG_SERVICE_REQUEST and SSH_MSG_SERVICE_ACCEPT, are the part of the protocol used to start service sessions. As described above, you can start the session with unknown client and server keys. These are the messages used to establish that initial connection and start the process of exchanging the SSH keys.

Finishing up the SSH-TRANS message types are 20 and 21, SSH_MSG_KEXINIT and SSH_MSG_NEWKEYS. SSH_MSG_KEXINIT starts the protocol negotiation and SSH_MSG_NEWKEYS begins the use of the new key pair. Once the KEXINIT is sent, no other packets can be accepted until the NEWKEYS has been received. The KEXINIT packet contains the key exchange algorithm, the server key algorithm, the client-to-server encryption algorithm, the server-to-client encryption algorithm, and other fields used to negotiate the new key exchange. Remember that SSH_MSG_KEXINIT is sent in clear text to initiate the encryption negotiation, so it can be read in a packet capture session using Wireshark™.
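Because the KEXINIT packet travels in clear text, the algorithms a client or server offers can be audited straight from captured bytes. The following is an added example, not code from the book: it decodes the packet framing and the KEXINIT payload per RFC 4253 section 7.1, including the MAC, compression and language name-lists that the text groups as "other fields". The function names and the sample packet are constructed for illustration.

```python
import struct

SSH_MSG_KEXINIT = 20
# The ten name-lists of a KEXINIT payload, in wire order (RFC 4253, section 7.1).
KEXINIT_FIELDS = [
    "kex_algorithms", "server_host_key_algorithms",
    "encryption_algorithms_client_to_server", "encryption_algorithms_server_to_client",
    "mac_algorithms_client_to_server", "mac_algorithms_server_to_client",
    "compression_algorithms_client_to_server", "compression_algorithms_server_to_client",
    "languages_client_to_server", "languages_server_to_client"]

def unwrap_packet(packet: bytes) -> bytes:
    """Strip the cleartext binary-packet framing (no MAC yet) and return the payload."""
    if len(packet) < 6:
        raise ValueError("truncated packet header")
    packet_length, padding_length = struct.unpack(">IB", packet[:5])
    if packet_length != len(packet) - 4 or padding_length + 1 >= packet_length:
        raise ValueError("inconsistent length fields")
    return packet[5:4 + packet_length - padding_length]

def parse_kexinit(payload: bytes) -> dict:
    """Decode a cleartext SSH_MSG_KEXINIT payload into its negotiation fields."""
    if not payload or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("payload is not SSH_MSG_KEXINIT (message number 20)")
    result, pos = {"cookie": payload[1:17].hex()}, 17
    for field in KEXINIT_FIELDS:
        # Each name-list is a uint32 length followed by comma-separated ASCII names.
        end = pos + 4 + int.from_bytes(payload[pos:pos + 4], "big")
        if end > len(payload):
            raise ValueError(f"name-list {field} is truncated or overruns the payload")
        result[field] = [n for n in payload[pos + 4:end].decode("ascii").split(",") if n]
        pos = end
    if pos + 5 > len(payload):  # boolean flag + uint32 reserved must follow
        raise ValueError("truncated trailer")
    result["first_kex_packet_follows"] = payload[pos] != 0
    return result

def build_sample_packet() -> bytes:
    """Constructed KEXINIT packet (sample values, not from a real capture)."""
    lists = ["curve25519-sha256", "ssh-ed25519", "aes256-ctr,aes128-ctr", "aes256-ctr",
             "hmac-sha2-256", "hmac-sha2-256", "none", "none", "", ""]
    payload = bytes([SSH_MSG_KEXINIT]) + bytes(16)  # message number + all-zero cookie
    for names in lists:
        payload += struct.pack(">I", len(names)) + names.encode("ascii")
    payload += b"\x00" + struct.pack(">I", 0)  # first_kex_packet_follows, reserved
    pad = 4 + (-(9 + len(payload))) % 8  # at least 4 bytes, total a multiple of 8
    return struct.pack(">IB", 1 + len(payload) + pad, pad) + payload + bytes(pad)

if __name__ == "__main__":
    print(parse_kexinit(unwrap_packet(build_sample_packet())))
```

To use it on real traffic, pass in the bytes of the first SSH packet each side sends after the version banner line; anything sent after NEWKEYS is encrypted and will not parse.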