What is SSH?

September 22, 2021

Introduction

When accessing a computer over a network, system administrators need a secure connection to hide from malicious cyber-attacks, such as password-sniffing. As large networks have security flaws, encryption protocols such as TLS/SSL, IPsec, S/MIME, PGP, and SSH are necessary to ensure necessary protection.

This article provides an overview of the SSH protocol - its function, terminology, and use cases.

What is SSH? The function, terminology, and use cases of the popular network protocol.

What Does SSH Mean?

The acronym SSH stands for "Secure Shell." The SSH protocol was designed as a secure alternative to unsecured remote shell protocols. It utilizes a client-server paradigm, in which clients and servers communicate via a secure channel.

The SSH protocol has three layers:

  • The transport layer. Ensures secure communication between the server and the client, monitors data encryption/decryption, and protects the integrity of the connection. It also performs data caching and compression.
  • The authentication layer. Conducts the client authentication procedure.
  • The connection layer. Manages communication channels after the authentication.
Layers comprising the SSH protocol

The channel created by SSH uses public-key cryptography to authenticate the client. Once the connection is established, SSH provides an encrypted way to exchange information safely regardless of the underlying network infrastructure.

SSH was designed for Unix-like operating systems, such as Linux, macOS, and BSD. However, it is also works on Windows.

Note: For more information about the mechanism behind the SSH protocol, read How Does SSH Work?

A Brief SSH History

SSH was created by Tatu Ylönen in 1995. The protocol was designed to prevent password-sniffing attacks at the Helsinki University of Technology. The first version of the protocol, now called SSH-1, was designed to replace unsecured protocols such as rsh, rlogin, and Telnet. It started as freeware but soon became proprietary software.

After Ylönen's SSH-1 became a popular tool worldwide, the Internet Engineering Task Force (IETF) assembled a group whose purpose was to develop a successor to the protocol. In 2006, SSH-2 became a new standard, featuring security improvements such as Diffie-Helman key exchange.

The open-source community developed OSSH, an SSH protocol version based on version 1.2.12 of SSH-1. The OpenBSD developers later forked OSSH to create OpenSSH, the most popular SSH implementation in the world today. As of version 7.6, OpenSSH supports only SSH-2. The support for SSH-1 has been discontinued.

SSH Terminology

The following table contains some terms you may encounter when working with SSH:

TermExplanation
~ or $HOMEA user's home directory on a Unix or Unix-like system.
Authentication layerThe layer responsible for conducting the SSH authentication.
ClientA client program for establishing a connection with the server.
Client machineA computer running an SSH client.
Connection layerThe layer of the SSH protocol that manages communication channels.
Local computerA computer running an SSH client at the location.
Local userA user accessing SSH over the local computer.
Private keyPart of the public-private key pair for user authentication kept as a secret on the local machine. 
Public keyPart of the public-private key pair for user authentication copied to the SSH server during the authentication process.
Remote computerA computer running an SSH server to which SSH clients connect.
Remote userA user accessing SSH over a remote computer.
ServerAn SSH server program for communicating with SSH clients.
Server machineA computer running an SSH server.
SCPSecure Copy - a CLI utility that utilizes SSH for secure file transfer.
SFTPSecure File Transport Protocol - a protocol using SSH to secure network file transfers, not to be confused with FTPS, which leverages TLS/SSL
Transport layerThe layer of the SSH protocol overlooking the entire SSH session.

SSH Uses

SSH is widely used in data centers to provide secure management, remote access to resources, software patches, and updates. The protocol also enables protected router management, server hardware maintenance, and virtualization platform administration.

Due to ease of use, robustness, and numerous features, SSH can be applied in various scenarios.

These scenarios include:

  • Connecting to a remote host.
  • Backing up, copying, and mirroring files using SFTP.
  • Mapping a client's port to the server's port to secure TCP/IP and other network protocols.
  • Forwarding X Window System from the server to clients.
  • Tunneling sensitive data through a secure channel.
  • Using a Virtual Private Network.

SSH keys are often employed in automating server access with passwordless login, configuration management, and backup.

How to Use SSH?

Connecting to an SSH server is performed using an SSH client. Most Unix-based and Unix-like operating systems come with the daemon and the client preinstalled. On these systems, the SSH client is available in the terminal.

To connect to a remote host using the terminal, the user issues the ssh command followed by the username and the server address or hostname:

ssh [username]@[server_ip_or_hostname]

For example:

Using SSH on macOS to connect to a Unix machine

Note: If you do not specify a username for SSH, the connection uses the currently logged in user.

Windows 10 offers OpenSSH client and server as of version 1709. Earlier versions of Windows did not include SSH as a feature, so tools such as PuTTY were used to establish an SSH connection. PuTTY is an SSH client with a GUI for SSH and Telnet:

The PuTTY SSH client on Windows

Some other popular SSH clients for Windows include:

  • Bitvise
  • WinSCP
  • KiTTY
  • Solar-PuTTY
  • SmarTTY

How Secure is SSH?

When used with standard security precautions, the SSH protocol is considered to be highly secure. However, human factors play a significant role in maintaining the security of SSH connections.

Brute force attacks on SSH servers are a common scenario. Attackers attempt to connect to a large number of SSH servers using common usernames and passwords. When they gain access to a server, they use privilege escalation to gain access to the root account.

SSH keys are recommended as a more secure authentication method than passwords. However, poor SSH key management still presents a significant risk to organizations whose critical information depends on keeping the keys secret.

While SSH keys offer better protection, their misuse can provide malicious individuals access to privileged information. This information includes accounts and resources, such as databases, routers, payment systems, etc.

Exposed SSH ports are another potential security weakness. Some malware programs attack IoT devices with ports exposed, using them as a backdoor entrance to the local network.

Lastly, a large number of SSH clients on the market means that the security of the protocol also depends on the security of third-party apps.

Conclusion

This article provided a rundown of the SSH protocol, its history, features, and use cases.

If you are interested in security solutions for your server, read 21 Tips to Secure Your Server.

Was this article helpful?
YesNo
Marko Aleksic
Marko Aleksić is a Technical Writer at phoenixNAP. His innate curiosity regarding all things IT, combined with over a decade long background in writing, teaching and working in IT-related fields, led him to technical writing, where he has an opportunity to employ his skills and make technology less daunting to everyone.
Next you should read
How to Use SSH to Connect to a Remote Server in Linux or Windows
September 24, 2018

In this tutorial, Find out How To Use SSH in Linux or Windows. Get started with an SSH connection by following these easy steps.
Read more
19 Common SSH Commands in Linux With Examples
August 25, 2019

This article will guide you through the most popular SSH commands. The list can also serve as a cheat sheet and will come in handy the next time you need to complete a task.
Read more
How Does SSH Work?
December 17, 2020

The SSH protocol was inspired by the need for a more secure network communication method. In this tutorial, we will talk about what SSH is, why it is used, and how it works.
Read more
5 Linux SSH Security Best Practices
September 24, 2019

In this article, we cover the most common Linux SSH security measures you can take to make your servers more secure. By changing the default SSH port, using key pairs...
Read more
  • © 2021 Copyright phoenixNAP | Global IT Services. All Rights Reserved.