SSH (Secure Shell) Basics
SSH (Secure Shell) is a cryptographic network protocol used to securely log onto remote systems, execute commands, and transfer files.
It was designed to replace the older Telnet protocol, which transmitted data in cleartext (unencrypted), making it vulnerable to eavesdropping. SSH protects against this by encrypting all transmitted data.
1. The Core of SSH: Encryption and Keys
SSH uses a pair of keys known as the Public Key and Private Key for robust security.
① The Key Pair Principle (Lock and Key)
- Public Key: Acts like a Lock. It is placed on the server (the remote computer). It is safe to share.
- Private Key: Acts like the Key. It is kept securely on the user's computer (client). It must NEVER be shared.
② Connection Process
- The client requests a connection to the server.
- The server issues an encrypted challenge, effectively asking, "Prove you can unlock this (Public Key)."
- The client uses its stored Private Key to solve the challenge and sends the result back.
- Once verified, the server trusts the client and allows access.
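The exchange above, modeled as an added example (not code from the original page or from any SSH implementation): the server stores only the public key, issues a random challenge, and accepts a response only if it was produced with the matching private key. The Server type, its methods and the user name are hypothetical, and the bare nonce is a simplification: in SSH-2 (RFC 4252) the client proves possession by signing data bound to the session identifier.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Server models the remote host. It holds only public keys (the "locks"),
// never private keys. All type and function names here are hypothetical.
type Server struct {
	authorized map[string]ed25519.PublicKey // user -> registered public key
	pending    map[string][]byte            // user -> outstanding challenge
}

func NewServer(user string, pub ed25519.PublicKey) *Server {
	return &Server{
		authorized: map[string]ed25519.PublicKey{user: pub},
		pending:    map[string][]byte{},
	}
}

// Challenge issues a fresh random nonce that the client must sign.
func (s *Server) Challenge(user string) ([]byte, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	s.pending[user] = nonce
	return nonce, nil
}

// Verify consumes the challenge (no replay) and checks the signature.
func (s *Server) Verify(user string, sig []byte) bool {
	nonce, issued := s.pending[user]
	delete(s.pending, user)
	pub, known := s.authorized[user]
	return issued && known && ed25519.Verify(pub, nonce, sig)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // constructed sample keys
	_, wrong, _ := ed25519.GenerateKey(rand.Reader)
	s := NewServer("alice", pub)
	nonce, _ := s.Challenge("alice")
	fmt.Println("correct key:", s.Verify("alice", ed25519.Sign(priv, nonce)))
	nonce, _ = s.Challenge("alice")
	fmt.Println("wrong key:", s.Verify("alice", ed25519.Sign(wrong, nonce)))
}
```

The private key never leaves the client side of the exchange; only the signature crosses the wire, and it is useless against any later challenge.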
2. Telnet vs. SSH Comparison
| Feature | Telnet | SSH |
|---|---|---|
| Data Transmission | Cleartext (Unencrypted) | Encrypted |
| Security | Low (Passwords are visible if intercepted) | High (Data is unreadable if intercepted) |
| Port Number | 23 | 22 |
| Primary Usage | Legacy (Rarely used) | Server administration, Remote control, File transfer (SFTP) |
3. Key Functions of SSH
- Remote Shell: Allows you to control a remote server's terminal as if you were sitting right in front of it.
- Secure File Transfer (SFTP): A secure version of FTP for uploading/downloading files.
- Tunneling: Can encapsulate other protocols within the SSH connection to transmit them securely.