Secure Shell (SSH) is a network protocol that allows data to be exchanged over a secure channel between two computers. Encryption provides confidentiality of the data, and a message authentication code provides its integrity. SSH uses public-key cryptography to authenticate the remote computer and, if necessary, to let the remote computer authenticate the user.
SSH and tunneling
SSH is typically used to log into a remote machine and execute commands, but it also supports tunneling, forwarding arbitrary TCP ports and X11 connections; it can transfer files using the associated SFTP or SCP protocols.
An SSH server, by default, listens on the standard TCP port 22.
An SSH client program is typically used to establish connections to an sshd daemon that accepts remote connections. Both are commonly present on most modern operating systems, including Mac OS X, Linux, FreeBSD, Solaris and OpenVMS. Proprietary, freeware and open-source versions of various levels of complexity and completeness exist.
Uses of SSH
[Figure: example of tunneling an X11 application (xeyes) over SSH.]
SSH is most commonly used:
1. with an SSH client that supports terminal protocols, for remote administration of the SSH server computer via terminal (character-mode) console;
2. in combination with SFTP, as a secure alternative to FTP which can be set up more easily on a small scale without a public key infrastructure and X.509 certificates;
3. in combination with rsync to backup, copy and mirror files efficiently and securely;
~ rsync is a software application for Unix systems which synchronizes files and directories from one location to another while minimizing data transfer using delta encoding when appropriate. An important feature of rsync not found in most similar programs/protocols is that the mirroring takes place with only one transmission in each direction. rsync can copy or display directory contents and copy files, optionally using compression and recursion.
In daemon mode, rsync listens on TCP port 873 by default, serving files in the native rsync protocol. rsync can also be used to synchronize local directories, or to work over a remote shell such as rsh or ssh. In the latter case, the rsync executable must be installed on both the local and the remote host.
Released under the GNU General Public License, rsync is free software.
4. in combination with SCP, as a secure alternative to rcp for file transfers;
~ Secure Copy or SCP is a means of securely transferring computer files between a local and a remote host, or between two remote hosts, using the Secure Shell (SSH) protocol. The term SCP can refer to one of two related things, the SCP protocol or the SCP program.
5. for port forwarding or tunneling, frequently as an alternative to a full-fledged VPN. In this type of use, a (non-secure) TCP/IP connection of an external application is redirected to the SSH program (client or server), which forwards it to the other SSH party (server or client), which in turn forwards the connection to the desired destination host. The forwarded connection is encrypted and protected on the path between the SSH client and server only; the hop from the application to the SSH client and the hop from the SSH server to the destination host are in the clear unless the forwarded protocol encrypts itself. Uses of SSH port forwarding include accessing database servers and email servers, securing X11, rdesktop, Windows Terminal Services and VNC connections, or even forwarding Windows file shares. This is primarily useful for tunneling connections through firewalls which would ordinarily block that type of connection, and for encrypting protocols which are not normally encrypted (e.g. VNC);
6. for X11 forwarding, even through multiple hosts;
7. for generally browsing the web through an encrypted proxy connection, using the SSH server as a proxy (with an SSH client that supports dynamic port forwarding);
8. for automated remote monitoring and management of servers;
9. for securely mounting a directory on the server as a filesystem on the local computer, using the SSH Filesystem;
10. as a full-fledged VPN.
How SSH uses public-key cryptography
First, a pair of cryptographic keys is generated: one is the private key, the other the public key. As an analogy, they can be thought of as a matching private key and a public padlock. The public padlock is what is installed on the remote machine and is used by ssh to authenticate users who hold the matching private key. As a user of the system, you do not care who can see or copy the padlock (i.e. the public key), since only the secret private key fits it. The private key is the part you keep secret, inside a secure box that can only be opened with the correct passphrase. When the user wants to access a remote system, they open the secure box with their passphrase and use the private key to authenticate themselves against the padlock on the remote computer. Neither the passphrase nor the private key leaves the user's machine: the private key is used only to sign a request that is bound to the current session, and the server checks that signature with the public key it holds. However, the user still needs to trust the local machine not to scrape the passphrase or copy the private key while it is out of the secure box. The same kind of check runs in the other direction when the client verifies the server's host key, which is how SSH authenticates the remote computer.