Introduction
Secure Shell or Secure socket Shell which is better known as SSH is a network protocol that is used to access data over an unsecured network. SSH used over the internet for providing encrypted data communication between two computers. It has both strong password as well as public key authentication. It is widely used by system and network administrators for accessing devices remotely over long distances. An admin can thus login, access files remotely, and execute commands with the help of SSH. It uses the client server model where the server is accessed by the client and includes additional functionalities such as terminal emulation and file transfer. By default, it makes use of port 22 on the TCP. Let us learn a few more basic features that will help in understanding SSH.
Understanding SSH Features
Secure Shell was initially created to replace programs such as Telnet and rlogin that were insecure. Over a period of time, it was also used to replace FTP (File Transfer Protocol) and rcp(remote copy). The major features of SSH include:
- Secure Remote Login
- Secure File Transfer
- Secure Remote Command Execution
A commonly employed technique used in SSH is called as SSH tunneling or port forwarding where a secure tunnel is opened between a client and server or alternatively called local and remote host. SSH port forwarding helps in redirection of the network traffic IP address so that the applications with the server can be directly accessed by the local host.
A default command in SSH used to access a remote computer looks like:
ssh UserName@SSHserver.example.com
where UserName is the Userid and the latter half is the address of the server. After the authentication, the connection is established.
Protocols in SSH
Since SSH is an open protocol, it has different implementation based on the Operating System in use. The most commonly used implementation is the OpenSSH. PuTTY is another widely used implementation of SSH. All of the implementations primarily contain three utilities namely ssh, slogin (secure login), and scp (secure copy).
Security concerns of SSH
While SSH is useful, it faces some security issues such as management of host keys stored as they may accumulate over time with every new session. The files in which the connection information is stored also needs to be securely saved from predators. Adding an SSH command in a codebase maybe sometimes risky as if not properly encrypted, lead to exposing these credentials such as username and password to an attacker and privy eyes.