Discovering SSH: OSI Model Insights from a macOS to an Ubuntu box in Azure

Understanding SSH: A Journey Through the OSI Model from macOS to Azure
By Roberto
Connecting to a remote server via SSH (Secure Shell) is a common task for developers and system administrators. While it might seem like a single command, a lot happens under the hood across various network layers. This blog post will break down the SSH connection process from your macOS client to an Azure host, detailing the protocols involved and their corresponding ISO/OSI model layers.
The OSI Model: A Quick Recap in TL;DR
A[macOS Client] --> B{ssh_app};
B -- "1. Initiate SSH Connection" --> C(tcp_transport);
C -- "2. Establish TCP Connection (3-Way Handshake)" --> F(ethernet_datalink);
F -- "3. Transmit as Electrical Signals" --> I(physical_layer);
I -- "4. Receive Electrical Signals" --> F;
F -- "5. Encapsulate into Ethernet Frames" --> E(ip_network);
E -- "6. Extracts IP Packets" --> C;
C -- "7. Establishes SSH Session" --> B;
B -- "8. Uses TCP for Reliable Transport" --> G;
G -- "9. Uses TCP Packets" --> E;
E -- "10. Extracts IP for Routing" --> F;
The OSI Model: A Quick Recap Long version
The Open Systems Interconnection (OSI) model is a conceptual framework that standardizes the functions of a telecommunication or computing system into seven distinct layers. Each layer serves a specific purpose, building upon the services of the layer below it.
Here's how the layers are involved in an SSH connection:
Layer 7: Application Layer (SSH)
At the very top, the Application Layer is where the SSH protocol operates. When you type ssh user@host in your macOS terminal, you are interacting with this layer. SSH provides a secure channel over an unsecured network by using strong encryption and authentication. It's responsible for tasks like remote command execution, secure file transfer (SFTP), and port forwarding.
Layer 4: Transport Layer (TCP)
SSH relies on TCP (Transmission Control Protocol) at the Transport Layer. TCP is a connection-oriented protocol that ensures reliable, ordered, and error-checked delivery of a stream of octets (bytes) between applications running on hosts. Before any SSH data is exchanged, a TCP connection (the famous three-way handshake) is established between your macOS and the Azure host. TCP segments the SSH data into smaller units and adds sequence numbers and acknowledgments to guarantee delivery.
Layer 3: Network Layer (IP)
The Network Layer is where IP (Internet Protocol) comes into play. IP is responsible for logical addressing (IP addresses) and routing packets across different networks. Once TCP segments are formed, IP encapsulates them into IP packets, adding source and destination IP addresses. These packets are then routed across the internet, hop by hop, until they reach the Azure network.
Layer 2: Data Link Layer (Ethernet)
At the Data Link Layer, protocols like Ethernet are used to transfer data between directly connected network nodes. IP packets are encapsulated into Ethernet frames, which include MAC (Media Access Control) addresses for local addressing within a network segment. This is where your macOS's network interface card (NIC) prepares the data for transmission over the physical medium.
Layer 1: Physical Layer
The Physical Layer is the lowest layer and deals with the physical transmission of raw bit streams over a physical medium. This includes the cables (Ethernet, fiber optics) or wireless signals (Wi-Fi) that carry the data. Electrical signals or light pulses represent the bits as they travel from your macOS, through various network devices (routers, switches), and finally to the network interface of the Azure host.
The Journey Back: From Azure to macOS
The process is reversed when data travels from the Azure host back to your macOS. Each layer on the receiving end decapsulates the data, removing the headers added by the corresponding layer on the sending end, until the original SSH data is delivered to your SSH client.
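The encapsulation and decapsulation described above, as an added Python example that is not part of the original post: it wraps an SSH identification string in TCP, IPv4 and Ethernet headers, then unwraps the frame the way the receiving host does. The addresses, MACs, ports and banner are constructed sample values, and checksums are left at zero.

```python
import socket
import struct

# Constructed sample: the cleartext identification string SSH sends first (RFC 4253).
BANNER = b"SSH-2.0-OpenSSH_9.6\r\n"

def build_frame(payload, src_ip, dst_ip, sport, dport=22):
    """Encapsulate top-down: TCP segment -> IPv4 packet -> Ethernet frame."""
    # Layer 4: 20-byte TCP header, data offset 5 words, flags PSH+ACK.
    # Checksums are left at zero to keep the example short.
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18,
                      65535, 0, 0) + payload
    # Layer 3: 20-byte IPv4 header, version 4, IHL 5, TTL 64, protocol 6 (TCP).
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip)) + tcp
    # Layer 2: destination MAC, source MAC (both made up), EtherType IPv4.
    eth = bytes.fromhex("02000000000a020000000001") + struct.pack("!H", 0x0800)
    return eth + ip

def parse_frame(frame):
    """Decapsulate bottom-up, as the receiving host does."""
    if len(frame) < 54:
        raise ValueError("frame too short for Ethernet + IPv4 + TCP headers")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    if ip[0] >> 4 != 4 or ip[9] != 6:
        raise ValueError("not IPv4 carrying TCP")
    ihl = (ip[0] & 0x0F) * 4                 # header length: options may follow
    (total_len,) = struct.unpack("!H", ip[2:4])
    tcp = ip[ihl:total_len]                  # total length trims Ethernet padding
    if ihl < 20 or len(tcp) < 20:
        raise ValueError("malformed IPv4 or TCP header")
    sport, dport = struct.unpack("!HH", tcp[:4])
    data_offset = (tcp[12] >> 4) * 4         # TCP options may follow too
    return {"src": socket.inet_ntoa(ip[12:16]),
            "dst": socket.inet_ntoa(ip[16:20]),
            "sport": sport, "dport": dport, "payload": tcp[data_offset:]}

if __name__ == "__main__":
    frame = build_frame(BANNER, "192.0.2.10", "203.0.113.5", 50000)
    print(len(frame), "bytes on the wire")
    print(parse_frame(frame + b"\x00" * 6))  # padding must not leak into payload
```

The identification string is readable in the parsed payload because SSH sends it before key exchange, so the server's software version is visible to anyone on the path.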
Visualising the Path
Here are diagrams illustrating this network path:
Detailed Path D1 Diagram
Detailed D2 Diagram
Illustrative Diagram
This breakdown highlights the intricate dance between different protocols and layers that makes a seemingly simple SSH connection possible and secure. Understanding these underlying mechanisms is crucial for effective network troubleshooting and security.