Tue Feb 19 2019
What is SSH and how does it work?
SSH stands for Secure Shell or Secure Socket Shell. It's developed by SSH Communications Security Ltd. Secure Shell is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another. It's a network protocol that gives users, particularly system administrators, a secure way to access a computer over an unsecured network. It provides strong authentication and encrypted data communications. It is a replacement for rlogin, rsh, rcp, and rdist.
The first version of SSH appeared in 1995 and was designed by Tatu Ylönen, who was, at the time, a researcher at Helsinki University of Technology and later went on to start SSH Communications Security, a cybersecurity vendor based in Waltham, Mass.
The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2. The standard TCP port for SSH is 22. SSH is generally used to access Unix-like operating systems, but it can also be used on Windows. Windows 10 uses OpenSSH as its default SSH client.
Why is SSH used?
SSH protects a network from attacks such as IP spoofing, IP source routing, and DNS spoofing. An attacker who has managed to take over a network can only force ssh to disconnect. He or she cannot play back the traffic or hijack the connection when encryption is enabled.
When using ssh slogin (instead of rlogin) the entire login session, including transmission of a password, is encrypted; therefore it is almost impossible for an outsider to collect passwords.
If SSH is used for remote shell login and file copying, these security threats can be greatly diminished. This is because the SSH client and server use digital signatures to verify their identity. Additionally, all communication between the client and server systems is encrypted. Attempts to spoof the identity of either side of communication does not work, since each packet is encrypted using a key known only by the local and remote systems.
SSH is widely used by network administrators for managing systems and applications remotely, allowing them to log into another computer over a network, execute commands and move files from one computer to another.
How does SSH protocol work?
-
The protocol works in the client-server model, which means that the connection is established by the SSH client connecting to the SSH server.
-
The SSH client drives the connection setup process and uses public key cryptography to verify the identity of the SSH server.
-
After the setup phase, the SSH protocol uses strong symmetric encryption and hashing algorithms to ensure the privacy and integrity of the data that is exchanged between the client and the server.
SSH Command in Linux
The 'ssh' command provides a secure encrypted connection between two hosts over an insecure network. This connection can also be used for terminal access, file transfers, and for tunneling other applications. Graphical X11 applications can also be run securely over SSH from a remote location. Linux typically uses the OpenSSH client. The ssh command to log into a remote machine is very simple. To log in to a remote computer called sample.ssh.com.
Stock photo from Funtap