You may have heard about SSH due to the fact it is often mentioned for anything associated with cyber security. It appears as a very interesting topic. So, let’s explain more about it and how it actually works!
The short SSH stands for Secure Shell or Secure Socket Shell. It represents a well-known network protocol that provides regular users and, more precisely, system administrators with a secure method to access a device over an secured network.
In addition, SSH even refers to the suite of utilities that use the SSH protocol. Secure Shell allows the implementation of robust password authentication and public key authentication, plus encrypted data transmissions among two devices connecting over an open network, like the Internet.
Due to the fact it delivers strong encryption, Secure Shell is a popular tool used globally. That is especially helpful for network administrators that manage systems and applications remotely. It allows them to log in to another computer over a network, execute commands and move files from one device to another.
As we mentioned, SSH refers both to the cryptographic network protocol and the suite of utilities that use that protocol. SSH operates involving the client-server model. It connects a Secure Shell user application – the end where the session is displayed, and an SSH server – the end where the session runs. The use of Secure Shell commonly involves support for application protocols utilized for terminal emulation or file transfers. This protocol is also implemented for making safe tunnels for other application protocols, for instance, to run X Window System graphical sessions remotely securely.
A brief history of SSH
SSH was developed back in 1995 by Tatu Ylönen, who was, at the time, a researcher at the Helsinki University of Technology. The primary motivation for creating the protocol was to prevent password-sniffing attacks. The first version of the protocol, currently known as SSH-1, had the goal of replacing not-so-reliable protocols like rsh, rlogin, and Telnet. It was freeware in the beginning, and not long after became proprietary software.
Without a doubt, Tatu Ylönen’s protocol was a well-known and widespread tool used all over the world. Therefore, the Internet Engineering Task Force (IETF) formed a group of specialists in order to develop a successor to the protocol. That way, in 2006, SSH-2 was introduced and became a new standard, featuring security improvements like the Diffie-Helman key exchange.
The open-source community, desiring the availability of a free software version, created an SSH protocol version based on version 1.2.12 of SSH-1, known as OSSH. Later, The OpenBSD developers forked OSSH to create OpenSSH, which is the most famous SSH implementation in the world today. However, OpenSSH supports only SSH-2, and the support for SSH-1 has been stopped.
How does it work?
Secure Shell was developed mainly to replace not-safe terminal emulation or login programs, like Telnet, rlogin (remote login), and rsh (remote shell). It allows the same opportunities – logging in to and running terminal sessions on distant systems. Also, SSH is able to replace file transfer programs, like File Transfer Protocol (FTP) and rcp (remote copy).
However, in most cases, it is utilized to connect to a remote host for a terminal session. Here is the structure of the command that the user issues using the terminal:
Example: ssh username@SSHserver.example.com
With this command, the client is able to try to connect to the server (server.example.com) with its ID username. Suppose this is the first attempt for a connection between the local host and the server. In that case, the user will receive the remote host’s public key fingerprint and be prompted to connect, even though there has been no previous connection:
The authenticity of host ‘test.example.com (192.168.0.100)’ cannot be established.
EdDSA key fingerprint is SHA256:xxImLADIinZpfy/etR8GOoXzCkbaHasaqLPS9ZOWKW4.
Are you sure you want to continue connecting (yes/no)?
Once you answer yes, the session continues, and the host key is saved in a file in the local system. The file is hidden in a directory in the user’s home directory. Once this file is established, the client system is able to connect directly next time without the need for any approvals. That way, the host key verifies the connection.
What is it used for?
It is not a surprise that Secure Shell is widely implemented in data centers in order to deliver safe management and remote access to different resources, software patches, and updates. In addition, the protocol allows secure router management and server hardware supervision.
Due to the fact it is super easy to use, robust and has various features, Secure Shell finds its application in many cases. Some of them are the following:
- Connect to a remote host.
- Using a Virtual Private Network.
- Back up, copy, and mirror files utilizing SFTP.
- Mapping a user’s port to the server’s port to secure TCP/IP
- Tunneling sensitive information via a protected channel.
- Forwarding X Window System from the server to clients.
Besides, SSH keys are commonly used in automating server access via passwordless login, configuration management, and backup.
How to use it?
The connection with an SSH server is achieved by utilizing an SSH client. The majority of Unix-based and Unix-like operating systems (OS) include already installed daemon and the client. So, on these systems, you can find the SSH client in the terminal.
The user has to issue the ssh command with the username and the server address or hostname in order to connect to a remote host:
*If a username for SSH is not specified, the connection uses the currently logged-in user.
OpenSSH client and server are offered in version 1709 for Windows 10. So for earlier versions of Windows, tools such as PuTTY were used to establish an SSH connection because they do not offer Secure Schell as a feature. PuTTY is an SSH client with a GUI for Secure Shell and Telnet.
Achieving successful communication with Secure Shell requires a port to connect and start. For that reason, usually, all the contacts are performed using SSH port number 22. It is possible to change the number with any other available port number.
However, when the user runs the command and wants to start the communication between two devices over the network, by default, it uses port 22.
In case you want to carry sensitive information that needs to be protected, it is best to switch the usual port number with another one. That helps you avoid any potential brute-force attack. Due to the fact everybody knows about the default port 22, it is not the most secure option. It is most prone to malicious attempts, and criminals use it to steal the transferred information.
How secure is SSH?
Secure Shell is considered to be one of the highly secure protocols. Yet, the human factor is highly important in order to preserve the safety of such connections. Here are several potential vulnerabilities in Secure Shell connections:
- Brute-force attacks on SSH servers are very popular. Criminals try to connect to as many SSH servers as possible utilizing typical usernames and passwords.
- SSH keys are the preferred security authentication method over passwords. Yet, bad SSH key management can significantly threaten organizations whose sensitive data relies on holding the keys secret. Additionally, their misusage can supply cyber criminals access to confidential data, like accounts, resources, databases, routers, payment systems, etc.
- Exposed SSH ports are also a potential security vulnerability. There are malware programs that attack IoT devices with ports exposed. That way, they become a backdoor entry to the local network.
What is SSH tunneling?
SSH tunneling, also known as SSH port forwarding, is a feature of SSH that extends its capabilities beyond remote access. With SSH tunneling, you can create encrypted connections between two devices, typically a local client and a remote server, to transfer data securely. This data can include sensitive files, database connections, or web traffic. It is also particularly useful when you need to access services on a remote server that might not be directly accessible from your local network.
There are two primary types of SSH tunneling: local and remote.
- Local SSH Tunneling: In a local SSH tunnel, you create an encrypted connection from your local machine to a remote server. This connection is used to securely forward traffic from your local machine to the remote server. It is often used to access services on the remote server that are not directly accessible from your local network. For example, you could tunnel your web browser’s traffic through the SSH connection to access a web service on the remote server.
- Remote SSH Tunneling: Remote SSH tunneling involves creating a secure connection from a remote server to your local machine. This is useful when you want to allow a service on the remote server to access resources on your local network securely. For example, you could use remote SSH tunneling to allow a remote database server to connect to a database on your local network.
Telnet vs SSH
When talking about remote connectivity, the two protocols that are often used are SSH and Telnet. While both serve the purpose of allowing users to access remote systems, they differ significantly in terms of security.
Telnet, the older protocol of the two, offers a simple and straightforward way of connecting to remote devices. However, it is less secure. Telnet transmits data, including passwords, in plain text, making it vulnerable to interception. This lack of encryption makes it a risky choice for transferring sensitive information. That is why it is best to avoid it for confidential communications.
On the other hand, SSH (Secure Shell) is the modern and more secure option for remote access. It encrypts data in transit, which helps ensure confidentiality and integrity. SSH employs robust authentication methods, making it a more reliable and safe choice for remote administration and file transfers. It is widely adopted in the IT world, which is a sure sign of its trustworthiness.
In summary, while Telnet is still a possible option for non-sensitive connections, SSH appears as the most suitable choice when security is a top priority. The right choice between them depends on the nature of the data you’re handling and the level of security required.
Now you know what Secure Shell actually is and how it works. For sure, it is one of the most amazing inventions regarding establishing secure connections.
Hello! My name is Vasilena Markova. I am a Marketing Specialist at ClouDNS. I have a Bachelor’s Degree in Business Economics and am studying for my Master’s Degree in Cybersecurity Management. As a digital marketing enthusiast, I enjoy writing and expressing my interests. I am passionate about sharing knowledge, tips, and tricks to help others build a secure online presence. My absolute favorite thing to do is to travel and explore different cultures!