The Secure Shell Protocol (SSH) is a
cryptographic network protocol for operating
network services securely over an unsecured network.
Its most notable applications are remote
login and
command-line execution.
SSH applications are based on a
client–server architecture, connecting an
SSH client instance with an
SSH server.
SSH operates as a layered protocol suite comprising three principal hierarchical components: the ''transport layer'' provides server authentication, confidentiality, and integrity; the ''user authentication protocol'' validates the user to the server; and the ''connection protocol'' multiplexes the encrypted tunnel into multiple logical communication channels.
SSH was designed on
Unix-like operating systems, as a replacement for
Telnet
Telnet is an application protocol used on the Internet or local area network to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection. User data is interspersed in-band with Telnet control i ...
and for
unsecured remote
Unix shell protocols, such as the Berkeley
Remote Shell
The remote shell (rsh) is a command line computer program that can execute shell commands as another user, and on another computer across a computer network.
The remote system to which ''rsh'' connects runs the ''rsh'' daemon (rshd). The daem ...
(rsh) and the related
rlogin
The Berkeley r-commands are a suite of computer programs designed to enable users of one Unix system to log in or issue commands to another Unix computer via TCP/IP computer network. The r-commands were developed in 1982 by the Computer Syste ...
and
rexec protocols, which all use insecure,
plaintext
In cryptography, plaintext usually means unencrypted information pending input into cryptographic algorithms, usually encryption algorithms. This usually refers to data that is transmitted or stored unencrypted.
Overview
With the advent of comp ...
transmission of authentication tokens.
SSH was first designed in 1995 by Finnish computer scientist Tatu Ylönen. Subsequent development of the protocol suite proceeded in several developer groups, producing several variants of implementation. The protocol specification distinguishes two major versions, referred to as SSH-1 and SSH-2. The most commonly implemented software stack is
OpenSSH, released in 1999 as open-source software by the
OpenBSD developers. Implementations are distributed for all types of operating systems in common use, including embedded systems.
Definition
SSH uses
public-key cryptography
Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic a ...
to
authenticate the remote computer and allow it to authenticate the user, if necessary.
SSH may be used in several methodologies. In the simplest manner, both ends of a communication channel use automatically generated public-private key pairs to encrypt a network connection, and then use a
password to authenticate the user.
When the public-private key pair is generated by the user manually, the authentication is essentially performed when the key pair is created, and a session may then be opened automatically without a password prompt. In this scenario, the public key is placed on all computers that must allow access to the owner of the matching private key, which the owner keeps private. While authentication is based on the private key, the key is never transferred through the network during authentication. SSH only verifies that the same person offering the public key also owns the matching private key.
In all versions of SSH it is important to verify unknown
public keys, i.e.
associate the public keys with identities, before accepting them as valid. Accepting an attacker's public key without validation will authorize an unauthorized attacker as a valid user.
Authentication: OpenSSH key management
On
Unix-like systems, the list of authorized public keys is typically stored in the home directory of the user that is allowed to log in remotely, in the file ~/.ssh/authorized_keys. This file is respected by SSH only if it is not writable by anything apart from the owner and root. When the public key is present on the remote end and the matching private key is present on the local end, typing in the password is no longer required. However, for additional security the private key itself can be locked with a passphrase.
The private key can also be looked for in standard places, and its full path can be specified as a command line setting (the option
-i
for ssh). The
ssh-keygen utility produces the public and private keys, always in pairs.
SSH also supports password-based authentication that is encrypted by automatically generated keys. In this case, the attacker could imitate the legitimate server side, ask for the password, and obtain it (
man-in-the-middle attack). However, this is possible only if the two sides have never authenticated before, as SSH remembers the key that the server side previously used. The SSH client raises a warning before accepting the key of a new, previously unknown server. Password authentication can be disabled from the server side.
Use
SSH is typically used to log into a remote machine and execute commands, but it also supports
tunneling,
forwarding TCP ports and
X11 connections; it can transfer files using the associated
SSH file transfer (SFTP) or
secure copy
Secure copy protocol (SCP) is a means of securely transferring computer files between a local host and a remote host or between two remote hosts. It is based on the Secure Shell (SSH) protocol. "SCP" commonly refers to both the Secure Copy Protoc ...
(SCP) protocols.
SSH uses the
client–server model
The client–server model is a distributed application structure that partitions tasks or workloads between the providers of a resource or service, called servers, and service requesters, called clients. Often clients and servers communicate ov ...
.
An SSH
client program is typically used for establishing connections to an SSH
daemon, such as sshd, accepting remote connections. Both are commonly present on most modern
operating systems, including
macOS, most distributions of
Linux
Linux ( or ) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged as a Linux distribution, whi ...
,
OpenBSD,
FreeBSD,
NetBSD,
Solaris and
OpenVMS. Notably, versions of
Windows prior to Windows 10 version 1709 do not include SSH by default.