You have probably come across the term SSH before, especially in discussions related to cyber security. In 1995, Tatu Ylönen created SSH to tackle password-sniffing attacks at the Helsinki University of Technology.
The original version, called SSH-1, aimed to replace insecure protocols like Telnet, rsh, and rlogin. Initially, SSH was available as freeware, but later, it became proprietary software.
Now, when a system admin needs to access a computer over a network, they require a secure connection to protect against malicious cyber-attacks, such as password-sniffing. Due to the security vulnerabilities in large networks, encryption protocols like SSH became essential to ensure the necessary protection.
This blog aims to provide a thorough understanding of "What is SSH?" and the underlying concepts that the protocol employs to offer a secure remote access method. We will also explore the various layers and types of encryption used in SSH and explain the purpose of each layer.
What is Secure Shell (SSH)?
As you guessed, the SSH full form stands for Secure Shell or Secure Socket Shell.
SSH is a protocol used for network communication between two computers. Its purpose is to enable secure communication and data sharing between two machines.
One of the most notable features of SSH is its ability to provide a secure method for accessing a computer over an unsecured network. This is particularly beneficial for system administrators who need to access a computer remotely.
Secure Shell or SSH has built-in encryption, meaning that any communication between the two computers is encrypted, making it safe to use on insecure networks.
It also offers strong password authentication and public key authentication, along with encrypted data communication between the two computers. This makes it an excellent choice for securely connecting two machines over an open network such as the internet.
How Does SSH Work?
As discussed, the SSH protocol is a secure method for remote login from one computer to another. It follows the client-server model, where the SSH client establishes the connection with the SSH server. The SSH protocol is made up of three layers:
- The transport layer: Its main function is to guarantee secure communication between the server and the client while monitoring data encryption and decryption. This layer also safeguards the integrity of the connection, in addition to performing data caching and compression.
- The authentication layer: This layer manages the client authentication process, ensuring that the connection is secure. It offers various authentication options to ensure strong security and safeguards communication security and integrity using powerful encryption.
- The connection layer: Once the authentication is complete, this layer manages the communication channels between the client and server.
Originally designed for Unix-like operating systems, such as Linux, macOS, and BSD, SSH is also compatible with Windows. SSH also serves as a secure alternative to login protocols that are not protected, such as telnet, as well as insecure file transfer methods like FTP.
Uses of SSH or Secure Shell Connection
SSH is a widely used protocol in data centres as it provides security management and remote access to resources, software patches, and updates. It also enables secure router management, server hardware maintenance, and virtualisation platform administration.
Because of its ease of use, strong reliability, and multiple features, SSH can be used in a variety of scenarios. These scenarios include
- establishing a connection to a remote host,
- using SSH file transfer (SSFT) for backing up,
- copying and mirroring files,
- port forwarding (enables computers located remotely to establish a connection with a specific computer within a private local-area network (LAN),
- tunnelling (transfer of data from one network to another) through a secure channel,
- and using a Virtual Private Network.
To facilitate server access, SSH keys are often employed in automation for passwordless login, configuration management, and backup. As a result, SSH is a crucial tool for system administrators.
Many administrators use SSH for accessing resources and managing applications within their organisations. However, the security principles on which SSH access-control strategies are based need to be updated and revised for modern enterprises that face increasing cybersecurity threats.
The assumption that login from specific hosts, IP addresses, and locations can be trusted is no longer reliable, as it is easy to manipulate IP addresses. This is where you can apply Zero Trust Security to SSH to secure network access. Zero Trust solutions by Instasafe Technologies offer secure remote access services and provide a seamless user experience. Schedule a free demo to see how we simplify the process of authorised access.