A lightweight Python project that simulates the core ideas of SSH:
- Client–server communication over TCP sockets
- Username & password authentication
- Secure channel established via Diffie–Hellman (X25519) key exchange
- Encrypted command execution using Fernet (AES)
- 🔑 Encrypted client–server communication
- 👤 Simple username/password authentication
- 🖥 Remote command execution (like a minimal shell)
- 🔒 Symmetric session key derived via HKDF from ECDH shared secret
- ✨ Clean Python-only implementation (no external servers needed)
mini-ssh-simulator/
│── ssh_server_enc.py # Encrypted server
│── ssh_client_enc.py # Encrypted client
│── README.md # Project docs
- Python 3.8+
- cryptography
Install dependencies:
pip install cryptographypython ssh_server_enc.pypython ssh_client_enc.py- Username:
user - Password:
pass123
(You can change these in the server code.)
ssh> dir # Windows
ssh> ls # Linux/macOS (if server uses PowerShell or bash)
ssh> whoami
ssh> exit # quit session- Client and server exchange X25519 public keys.
- Both derive a shared secret → expanded into a 32-byte session key using HKDF.
- A Fernet cipher (AES + HMAC) encrypts all communication.
- The server prompts for username/password (simulating SSH login).
- Once authenticated, the client can send commands → executed on server → results encrypted and sent back.
- No host key verification (vulnerable to MITM).
- No support for public-key authentication.
- No terminal emulation or multiple sessions.
- Encryption is session-only (no rekeying).
- Educational toy project — do not use for real security.
- Add server host keys & client verification
- Replace password login with public/private key authentication
- Add replay protection with sequence numbers
- Support file transfer (mini SFTP-like demo)