What is SSH Used For?

In this tutorial, we look at what SSH is used for.

The Internet allows a large number of operations to be done remotely, in particular the administration of servers or the transfer of files. The Telnet protocol and the BSD r-commands (rsh, rlogin and rexec), which make these remote tasks possible, have the major disadvantage of sending the information exchanged in clear text over the network, in particular the identifier (login) and the password for access to the remote machine. Thus, a hacker located on a network between the user and the remote machine can listen to the traffic, that is, use a tool called a sniffer to capture the frames circulating on the network, and so obtain the login and the password for access to the remote machine.

Even if the data exchanged is not particularly sensitive, the hacker gains access to an account on the remote machine and can eventually extend his privileges on the machine in order to gain root access.
 
Since it is impossible to control all the physical infrastructures located between the user and the remote machine, the only solution is to use logical security (at the data level).

The SSH (Secure Shell) protocol answers this problem by allowing users (or TCP/IP services) to access a machine through encrypted communication (called a tunnel).
 

SSH protocol:

The SSH (Secure Shell) protocol was developed in 1995 by the Finn Tatu Ylönen.

It is a protocol allowing a client (a user or even a machine) to open an interactive session on a remote machine (server) in order to send commands or files in a secure manner:

  • The data circulating between the client and the server are encrypted, which guarantees their confidentiality (no one other than the server or the client can read the information circulating on the network). It is therefore not possible to read the traffic by listening to the network with a frame analyzer.
  • The client and the server authenticate each other to ensure that the two machines communicating are the ones that each party believes they are. This prevents a hacker from spoofing the identity of the client or the server, provided the client checks the server's key against the one it already knows for that machine.

Version 1 of the protocol (SSH1) proposed in 1995 was intended to be an alternative to interactive sessions (shells) such as Telnet, rsh, rlogin, and rexec. However, this protocol had a flaw that allowed an attacker to insert data into the encrypted stream. This is why in 1997 version 2 of the protocol (SSH2) was proposed as a working document (draft) to the IETF.

Secure Shell Version 2 also offers a secure file transfer solution (SFTP, Secure File Transfer Protocol).
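Whether a server still accepts version 1, with the flaw described above, can be read from the identification string it sends when the connection opens (RFC 4253, section 4.2). The following Python audit is an added example, not part of the original tutorial; the host names and banners in it are constructed samples.

```python
import re

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments CR LF"
BANNER_RE = re.compile(r"^SSH-(?P<proto>[^-\s]+)-(?P<software>\S+)(?: (?P<comments>.*))?$")

def parse_banner(raw: bytes) -> dict:
    """Return proto/software/comments from the first identification line."""
    for line in raw.split(b"\n"):
        if not line.startswith(b"SSH-"):
            continue  # a server may send other text lines before its banner
        if len(line) + 1 > 255:  # RFC limit in bytes, CR LF included
            raise ValueError("identification string too long")
        text = line.rstrip(b"\r").decode("ascii", errors="replace")
        match = BANNER_RE.match(text)
        if match is None:
            raise ValueError("malformed identification string")
        return match.groupdict()
    raise ValueError("no SSH identification string found")

def classify(proto: str) -> str:
    # Map the advertised protocol version to what the server accepts.
    if proto == "2.0":
        return "ssh2-only"
    if proto == "1.99":
        return "ssh2-with-ssh1-fallback"  # RFC 4253 section 5.1
    if proto.startswith("1."):
        return "ssh1-only"
    return "unknown"

def audit(banners: dict) -> list:
    """Return (host, verdict) for every host that is not SSH2-only."""
    findings = []
    for host, raw in banners.items():
        try:
            verdict = classify(parse_banner(raw)["proto"])
        except ValueError as exc:
            verdict = "unparseable: %s" % exc
        if verdict != "ssh2-only":
            findings.append((host, verdict))
    return findings

# Constructed sample banners (hypothetical hosts and software names).
SAMPLE = {
    "host-a.example": b"SSH-2.0-ExampleSSHD_3.1\r\n",
    "host-b.example": b"Authorized use only\r\nSSH-1.99-ExampleSSHD_1.0 legacy\r\n",
    "host-c.example": b"SSH-1.5-ExampleSSHD_0.9\n",
    "host-d.example": b"220 mail service ready\r\n",
}
if __name__ == "__main__":
    print(audit(SAMPLE))
```

Hosts reported as `ssh1-only` or `ssh2-with-ssh1-fallback` are the ones to reconfigure or upgrade so that only version 2 is offered.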

SSH is a protocol, which means that it is a standard method for machines to establish secure communication. As such, there are many implementations of SSH clients and servers. Some are not free, others are free or open-source.
 

How does SSH work?

 


 
Image source: https://commons.wikimedia.org/wiki/File:SSH_diagram.png

 
The SSH connection is established in several steps:

  • First, the server and the client identify each other in order to set up a secure channel (secure transport layer).
  • In a second step, the client authenticates itself to the server to get a session.

Authentication:

Once the secure connection is set up between the client and the server, the client must identify itself on the server in order to get an access authorization. There are several methods:

  • The best-known method is the traditional password. The client sends a username and a password to the server through the secure communication, and the server checks whether the user has access to the machine and whether the password provided is valid.
  • A less well-known but more flexible method is the use of public keys. If key authentication is chosen by the client, the server creates a key challenge and gives access to the client if the client manages to decrypt the key challenge with its private key.

 