
SSH | Secure Shell

In this tutorial, we will be covering the concepts of SSH in Computer Networks in detail.

SSH is an abbreviation of Secure Shell. It is one of the major protocols used to access network devices and servers over the Internet.

  • It is a network protocol that mainly runs on top of TCP/IP.

  • It is widely used to manage and access devices remotely.

  • Secure Shell (SSH) enables two remotely connected users to perform network communication and other services on top of an unsecured network.

  • Thus it provides secure client/server communication, and it can also be used for other tasks such as file transfer and e-mail.

  • With the help of SSH, you can log in to another computer over the network and it allows you to execute the commands on the remote machine.

  • You can easily move files from one machine to another.

  • This protocol encrypts the traffic in both directions, which helps prevent traffic sniffing and password theft.

  • By default, SSH runs on port 22, and you can change it.

  • It is suitable for Public Networks.

SSH is organized into three sub-protocols: the SSH Transport Layer Protocol, the SSH User Authentication Protocol, and the SSH Connection Protocol.

Each of these is discussed in detail below:

1. SSH Transport Layer Protocol

The Transport Layer Protocol part of SSH is mainly used to provide data confidentiality, server/host authentication, and data integrity.

  • Optionally, it also provides data compression.
  • Server Authentication

    • The Host keys are asymmetric in nature like public/private keys.

    • The server makes use of a Public key in order to prove its identity to the client.

    • The client verifies that the contacted server is a “known” host with the help of a database that it maintains.

    • Once the server has been authenticated, session keys are generated.

  • Session Key Establishment

    • After the authentication of the server, the client and the server agree upon the cipher that is to be used.

    • The Session keys are usually generated by both the client as well as the server.

    • These keys are generated before user authentication so that usernames and passwords can be sent encrypted.

    • The session keys are generally replaced at regular intervals (for example, every hour) during the session and are destroyed immediately after use.

  • Data Integrity
    SSH uses Message Authentication Code (MAC) algorithms for the data integrity check.
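The client-side "known host" check from the Server Authentication step, as an added example that is not part of the original tutorial. It assumes the OpenSSH `known_hosts` line format (including hashed host names) and uses constructed key blobs and host names.

```python
import base64
import hashlib
import hmac
import struct

def b64(data: bytes) -> str:
    return base64.b64encode(data).decode()

def ssh_string(data: bytes) -> bytes:
    return struct.pack(">I", len(data)) + data

def fingerprint(key_blob: bytes) -> str:
    """OpenSSH-style SHA256 fingerprint of a public host key blob."""
    return "SHA256:" + b64(hashlib.sha256(key_blob).digest()).rstrip("=")

def host_matches(pattern: str, host: str) -> bool:
    """Match a known_hosts host field: comma list, or hashed form |1|salt|hmac."""
    if pattern.startswith("|1|"):
        _, _, salt, mac = pattern.split("|")
        expected = hmac.new(base64.b64decode(salt), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(expected, base64.b64decode(mac))
    return host in pattern.split(",")  # wildcard patterns are not handled here

def check_host_key(known_hosts: str, host: str, key_type: str, key_blob: bytes) -> str:
    """Return 'match', 'mismatch' (stored key differs) or 'unknown' (no entry)."""
    verdict = "unknown"
    for line in known_hosts.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0][0] in "#@":
            continue  # comments, blanks, @cert-authority/@revoked markers: out of scope
        if fields[1] != key_type or not host_matches(fields[0], host):
            continue
        if hmac.compare_digest(base64.b64decode(fields[2]), key_blob):
            return "match"
        verdict = "mismatch"  # same host and key type, different key: do not connect
    return verdict

# Constructed sample data: fake Ed25519 key blobs and a two-line known_hosts file.
GOOD_KEY = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))
ROGUE_KEY = ssh_string(b"ssh-ed25519") + ssh_string(bytes(32))
SALT = bytes(range(20))
HASHED_HOST = "|1|%s|%s" % (b64(SALT), b64(hmac.new(SALT, b"db.example.test", hashlib.sha1).digest()))
KNOWN_HOSTS = "\n".join([
    "web.example.test,192.0.2.10 ssh-ed25519 " + b64(GOOD_KEY),
    HASHED_HOST + " ssh-ed25519 " + b64(GOOD_KEY) + " constructed-comment",
])
```

A `mismatch` verdict is the case a client must treat as a failed server authentication; `unknown` is the first-contact case where the fingerprint should be confirmed out of band before the key is stored.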
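How the session keys and the MAC from the Session Key Establishment and Data Integrity items fit together, as an added example that is not part of the original tutorial. It follows the key derivation and packet MAC rules of RFC 4253 and assumes SHA-256 as the exchange hash and HMAC-SHA-256 as the MAC; the shared secret, exchange hash and payload are constructed values.

```python
import hashlib
import hmac
import os
import struct

def mpint(n: int) -> bytes:
    """SSH 'mpint' for n >= 0: length-prefixed big-endian bytes with the high bit clear."""
    raw = n.to_bytes(n.bit_length() // 8 + 1, "big") if n else b""
    return struct.pack(">I", len(raw)) + raw

def derive_key(k: int, h: bytes, letter: bytes, session_id: bytes, length: int) -> bytes:
    """RFC 4253 section 7.2: HASH(K || H || letter || session_id), extended if too short."""
    key = hashlib.sha256(mpint(k) + h + letter + session_id).digest()
    while len(key) < length:
        key += hashlib.sha256(mpint(k) + h + key).digest()
    return key[:length]

def build_packet(payload: bytes, block: int = 8) -> bytes:
    """Unencrypted packet: packet_length, padding_length, payload, random padding."""
    pad = block - (5 + len(payload)) % block
    if pad < 4:
        pad += block  # at least four bytes of padding are required
    body = bytes([pad]) + payload + os.urandom(pad)
    return struct.pack(">I", len(body)) + body

def packet_mac(mac_key: bytes, seq: int, packet: bytes) -> bytes:
    """RFC 4253 section 6.4: MAC(key, sequence_number || unencrypted_packet)."""
    return hmac.new(mac_key, struct.pack(">I", seq % 2**32) + packet, hashlib.sha256).digest()

def verify(mac_key: bytes, seq: int, packet: bytes, tag: bytes) -> bool:
    """Receiver side: recompute with its own packet counter, compare in constant time."""
    return hmac.compare_digest(packet_mac(mac_key, seq, packet), tag)

# Constructed stand-ins for the key exchange outputs: shared secret K, exchange hash H.
K = int.from_bytes(hashlib.sha256(b"constructed shared secret").digest(), "big")
H = hashlib.sha256(b"constructed exchange hash").digest()
MAC_KEY_C2S = derive_key(K, H, b"E", H, 32)  # session_id is H of the first exchange
MAC_KEY_S2C = derive_key(K, H, b"F", H, 32)
PACKET = build_packet(b"constructed payload")
TAG = packet_mac(MAC_KEY_C2S, 3, PACKET)     # sender's fourth packet (counter starts at 0)
```

Because the sequence number is part of the MAC input, a packet that is modified, replayed at a different position, or checked with the other direction's key fails verification.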

2. SSH User Authentication Protocol

As the name suggests, this part of SSH is mainly used to authenticate the user to the server.

  • This protocol is used for confirming the identity of the agent that is operating as the client.

  • The server verifies that access is given to the intended users only.

  • Several methods can be used for authentication:

    • Typed Passwords

    • Public-key authentication etc.

3. SSH Connection Protocol

The SSH Connection Protocol is mainly used to create distinct streams of data, or logical channels, from the single client/server connection.

  • Thus this protocol provides multiple logical channels over the single underlying SSH connection.

SSH Commands

Given below are some important commands used for SSH:

  • ls
    It is used to show the directory contents (mainly it lists the names of the files).

  • cd
    This command helps you to change the directory.

  • mkdir
    This command helps you to create a new folder/directory.

  • touch
    This command mainly allows you to remove a file.

Services Provided by SSH

There are three main services provided by SSH, and these are described in detail below:

1. Secure Command Shell (Remote Logon)

This service lets the user edit files, view the contents of directories, and access applications on the connected devices. The administrator of the system can remotely start, view, and stop services and processes, create user accounts, and change the permissions of files and directories.

All tasks that are feasible at the command prompt of the machine can now be performed securely from a remote machine by using the secure remote login service provided by SSH.

2. Secure File Transfer

For the secure transfer of files, an extension of SSH known as SFTP (SSH File Transfer Protocol) was designed.

  • It is a separate protocol and is mainly used to handle the transfer of files.

  • It encrypts both usernames and passwords.

  • It also encrypts the data of the file that is to be transferred.

  • It also makes use of Port 22.

3. Port Forwarding

Port forwarding allows data from unsecured TCP/IP-based applications to be sent in secured form.

After port forwarding is set up, Secure Shell reroutes the traffic from one program (usually a client) and sends it across the encrypted tunnel to the program on the other side (usually a server).

With this, multiple applications can transmit data over a single multiplexed and secure channel, eliminating the need to open many ports on a firewall or a router.
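The logical channels of the SSH Connection Protocol and the port forwarding described above, as an added example that is not part of the original tutorial. It demultiplexes already-decrypted message payloads using the RFC 4254 message numbers and the `direct-tcpip` channel type used for forwarded connections; the `ChannelTable` class, its `permit_open` allow-list and the `message` builder are hypothetical names for this sketch.

```python
import struct

OPEN, DATA, CLOSE = 90, 94, 97  # SSH_MSG_CHANNEL_OPEN / _DATA / _CLOSE (RFC 4254)

def ssh_string(data: bytes) -> bytes:
    return struct.pack(">I", len(data)) + data

class Reader:
    """Cursor over the fields of one message payload."""
    def __init__(self, buf: bytes):
        self.buf, self.pos = buf, 0
    def u32(self) -> int:
        self.pos += 4
        return struct.unpack_from(">I", self.buf, self.pos - 4)[0]
    def string(self) -> bytes:
        n = self.u32()
        if self.pos + n > len(self.buf):
            raise ValueError("truncated string")
        self.pos += n
        return self.buf[self.pos - n:self.pos]

class ChannelTable:
    """Receiver-side table of the logical channels on one SSH connection."""
    def __init__(self, permit_open):
        self.permit_open = permit_open  # allowed (host, port) forwarding targets
        self.channels = {}              # local channel number -> channel state
    def handle(self, payload: bytes):
        msg, r = payload[0], Reader(payload[1:])
        if msg == OPEN:
            ctype = r.string().decode()
            peer_id, _window, _max_packet = r.u32(), r.u32(), r.u32()
            target = (r.string().decode(), r.u32()) if ctype == "direct-tcpip" else None
            if target is not None and target not in self.permit_open:
                return None  # a server would reply SSH_MSG_CHANNEL_OPEN_FAILURE
            local_id = len(self.channels)
            self.channels[local_id] = {"type": ctype, "peer": peer_id,
                                       "target": target, "data": b"", "open": True}
            return local_id
        chan = self.channels.get(r.u32())
        if chan is None or not chan["open"]:
            raise ValueError("message for unknown or closed channel")
        if msg == DATA:
            chan["data"] += r.string()
        elif msg == CLOSE:
            chan["open"] = False

def message(kind: int, *fields) -> bytes:
    """Build a constructed payload: ints become uint32, bytes become SSH strings."""
    return bytes([kind]) + b"".join(
        struct.pack(">I", f) if isinstance(f, int) else ssh_string(f) for f in fields)
```

Each forwarded connection arrives as its own channel-open request, so the allow-list check in `handle` is the point where a server can refuse forwarding targets it does not want reachable through the tunnel.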

Pros of SSH (Secure Shell)

Given below are the benefits offered by Secure Shell:

  1. SSH protocol offers multiple services using the same protocol.

  2. With the help of strong encryption, this protocol offers privacy for the user's data.

  3. It is freely available.

  4. It is available for non-commercial use.

  5. It also allows the user to view the contents of directories, edit the files, and access the custom database applications remotely.

  6. It is used to authenticate the identity of senders as well as receivers.

  7. For simple VPNs, tunneling of ports works in an effective way.

  8. The secure shell also helps to securely tunnel insecure applications like SMTP, IMAP, POP3, and CVS.

Cons of SSH

Given below are some of the drawbacks of Secure Shell (SSH):

  • This protocol does not help to protect from trojan horses or from viruses.

  • This protocol is only applicable to applications based on TCP and not applicable to applications based on UDP.

  • This protocol requires more technical knowledge.