CS 231: Computer Security

Connecting Wireshark's view of SSH to the specs

Partner or alone, as you wish. If you want help finding a partner, let me know.

In this assignment, you'll use Wireshark to monitor one or more SSH sessions. Then, for each step of the observed SSH session (up until the user is logged in to the remote machine), you'll provide a citation showing where that step is described in the SSH specification documents.

What to hand in

You'll hand in an annotated list of specific citations, each of which will include the RFC number, the section/subsection number, and (for long subsections) identification of the relevant paragraph. In most cases, you won't need much annotation; typically a small Wireshark screenshot will be sufficient. If you think clarity is enhanced by an explanation, go ahead and explain, but keep it brief.
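As an added example (not part of the course page or its assignment materials), the following Python script decodes the two cleartext steps Wireshark shows at the start of an SSH-2 session, the identification string exchange and SSH_MSG_KEXINIT, and labels each field with the RFC section that defines it, which is the same mapping the citations above ask for. The banner and algorithm lists in it are constructed samples, and the packet-building helper exists only so the script runs offline without a capture.

```python
"""Decode the cleartext opening of an SSH-2 session (what Wireshark shows before
encryption starts) and label each field with the RFC section that defines it.
Added example for this assignment, not part of the course page; the sample
banner and algorithm lists below are constructed, not captured."""
import struct

SSH_MSG_KEXINIT = 20  # RFC 4253 section 12: message numbers

# RFC 4253 section 7.1: the ten name-lists of SSH_MSG_KEXINIT, in wire order.
KEXINIT_FIELDS = [
    "kex_algorithms", "server_host_key_algorithms",
    "encryption_algorithms_client_to_server", "encryption_algorithms_server_to_client",
    "mac_algorithms_client_to_server", "mac_algorithms_server_to_client",
    "compression_algorithms_client_to_server", "compression_algorithms_server_to_client",
    "languages_client_to_server", "languages_server_to_client",
]

def parse_version_line(data):
    """RFC 4253 section 4.2: 'SSH-protoversion-softwareversion SP comments CR LF'.
    Returns the parsed identification string plus whatever bytes follow it."""
    line, sep, rest = data.partition(b"\r\n")
    if not sep or not line.startswith(b"SSH-"):
        raise ValueError("not an SSH identification string (RFC 4253 section 4.2)")
    ident, _, comments = line.decode("ascii").partition(" ")
    _, protoversion, softwareversion = ident.split("-", 2)
    return {"protoversion": protoversion, "softwareversion": softwareversion,
            "comments": comments, "remaining": rest}

def read_name_list(buf, off):
    """RFC 4251 section 5: name-list = uint32 length, then comma-separated ASCII names."""
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    raw = buf[off:off + n]
    if len(raw) != n:
        raise ValueError("truncated name-list")
    return (raw.decode("ascii").split(",") if n else []), off + n

def parse_binary_packet(data):
    """RFC 4253 section 6: uint32 packet_length, byte padding_length, payload,
    random padding (at least 4 bytes). No MAC yet: this runs before SSH_MSG_NEWKEYS."""
    packet_length, padding_length = struct.unpack_from(">IB", data, 0)
    end = 4 + packet_length
    if len(data) < end:
        raise ValueError("truncated packet")
    if padding_length < 4 or padding_length + 1 > packet_length:
        raise ValueError("bad padding_length (RFC 4253 section 6)")
    payload = data[5:5 + packet_length - padding_length - 1]
    return payload, data[end:]

def parse_kexinit(payload):
    """RFC 4253 section 7.1: byte 20, 16-byte cookie, ten name-lists,
    boolean first_kex_packet_follows, uint32 reserved (0)."""
    if not payload or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("payload is not SSH_MSG_KEXINIT (RFC 4253 section 7.1)")
    fields = {"cookie": payload[1:17]}
    off = 17
    for name in KEXINIT_FIELDS:
        fields[name], off = read_name_list(payload, off)
    fields["first_kex_packet_follows"] = payload[off] != 0
    (fields["reserved"],) = struct.unpack_from(">I", payload, off + 1)
    return fields

def build_kexinit_packet(lists, cookie=bytes(16)):
    """Build a cleartext KEXINIT packet (RFC 4253 sections 6 and 7.1) so the
    parser can be exercised offline; padding is zeros here rather than random."""
    payload = bytes([SSH_MSG_KEXINIT]) + cookie
    for name in KEXINIT_FIELDS:
        names = ",".join(lists.get(name, [])).encode("ascii")
        payload += struct.pack(">I", len(names)) + names
    payload += b"\x00" + b"\x00\x00\x00\x00"  # first_kex_packet_follows=false, reserved=0
    # RFC 4253 section 6: total length is a multiple of 8 and padding is at least 4.
    padding_length = 8 - (len(payload) + 5) % 8
    if padding_length < 4:
        padding_length += 8
    packet_length = 1 + len(payload) + padding_length
    return struct.pack(">IB", packet_length, padding_length) + payload + bytes(padding_length)

# Constructed sample stream: one identification line followed by one KEXINIT packet.
SAMPLE_LISTS = {
    "kex_algorithms": ["curve25519-sha256", "diffie-hellman-group14-sha256"],
    "server_host_key_algorithms": ["ssh-ed25519", "rsa-sha2-256"],
    "encryption_algorithms_client_to_server": ["aes256-gcm@openssh.com"],
    "encryption_algorithms_server_to_client": ["aes256-gcm@openssh.com"],
    "mac_algorithms_client_to_server": ["hmac-sha2-256"],
    "mac_algorithms_server_to_client": ["hmac-sha2-256"],
    "compression_algorithms_client_to_server": ["none"],
    "compression_algorithms_server_to_client": ["none"],
}
SAMPLE_STREAM = (b"SSH-2.0-ExampleClient_1.0 constructed-sample\r\n"
                 + build_kexinit_packet(SAMPLE_LISTS, cookie=bytes(range(16))))

def decode_session_start(data):
    """Walk the stream the way Wireshark does: version exchange, then KEXINIT."""
    version = parse_version_line(data)
    payload, _ = parse_binary_packet(version["remaining"])
    return version, parse_kexinit(payload)

if __name__ == "__main__":
    version, kexinit = decode_session_start(SAMPLE_STREAM)
    print("RFC 4253 s4.2 identification:", version["protoversion"], version["softwareversion"])
    print("RFC 4253 s7.1 cookie:", kexinit["cookie"].hex())
    for name in KEXINIT_FIELDS:
        print(f"RFC 4253 s7.1 {name}:", ",".join(kexinit[name]) or "(empty)")
```

Run it and compare its output with Wireshark's dissection of the first few SSH packets; the section numbers in the docstrings are the citations for those steps. Everything after SSH_MSG_NEWKEYS, including the RFC 4252 authentication exchange that ends with the user logged in, is encrypted, so for those steps Wireshark shows only packet lengths and your citation has to rest on the spec's description of what must happen rather than on decoded fields.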

Wireshark + SSH in Weitz 138

Macs come with the command-line ssh client installed, but Wireshark is incompatible with our lab security setup on the Mac side. On Windows, we can run Wireshark, but Windows doesn't (yet) have an SSH client built in. Our solution: work on Windows, and start by downloading an SSH client.

Go get the venerable PuTTY application (you want putty.exe, the item at the top of the download choices). Fire it up, and it should be straightforward to specify a username and host to start an SSH session.

You can use your own username with host spectra.mathcs.carleton.edu.

If you find yourself wanting to delete a known host entry so you can try a new session that will include the usual host key (RSA) warning: PuTTY stores its known hosts in the Windows Registry. Go to the Windows start menu, enter regedit in the search box, run regedit, and delete everything you find under HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\SshHostKeys.

On Mac or Linux

If you have Wireshark on your own Mac or Linux machine, you can use the built-in SSH client. Just open a terminal and type "ssh yourusername@spectra.mathcs.carleton.edu".

Relevant documents

Have fun!