What is SSH and what is it used for?

Kavindu Dulanjana Perera
Feb 8, 2021

SSH, or Secure Shell, is a cryptographic network protocol for operating network services securely over an unsecured network. This includes command-line communication with remote servers, login, and remote command execution, but any network service can be secured with SSH. It provides a mechanism for authenticating a remote user, transferring inputs from the client to the host, and relaying the output back to the client.

We can use the ssh command to establish a connection with a remote server, authenticate a specific user, and get an interactive shell session as that user. The ssh command can also be used to run individual commands on a remote system without an interactive session.

The connection is fully encrypted and the big advantage here is that the encryption allows you to log in securely as a user with root (or equivalent) access as well. Many SSH interfaces allow full system administration remotely and even let you transfer files directly to the server you’re connected to.

In many ways, SSH is a direct successor to the Telnet protocol. Both protocols allow command-line connections from remote users, but Telnet traditionally listens on port 23 and doesn’t support the encryption-based security that SSH has.

To establish a connection, the client first contacts the server. This happens when the client uses the ssh command. The command then checks whether there is a copy of the public key for that server in its local known hosts files. The key may be pre-configured in /etc/ssh/ssh_known_hosts, or the user may have a ~/.ssh/known_hosts file in their home directory that contains it.

If the client has a copy of the key, ssh will compare the key from the known hosts files for that server to the one it has received. If the keys do not match, ssh assumes that the network traffic to the server may be hijacked or compromised and will seek the user’s confirmation on whether to continue the connection or not.

Establishing a new connection

In the figure above we can see an example of using the ssh command. Here the ssh command is used to connect to the newhost server. Since there is no copy of the server’s public key in the known_hosts file, ssh prompts the user to answer yes or no to continue the connection. If the user enters yes, the public key of the server is saved in the known_hosts file and the connection is established; if the user selects no, the connection is terminated.
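The known hosts lookup described above can be sketched in Python. This is an added example, not code from OpenSSH or from the original post: the function names are hypothetical, the keys and salt are constructed sample values, and it only handles exact and hashed host names (wildcard patterns and `@` marker lines are skipped).

```python
import base64, hashlib, hmac

def host_matches(host_field, hostname):
    """True if a known_hosts host field names this host (plain or hashed form)."""
    if host_field.startswith("|1|"):
        # Hashed entry: |1|base64(salt)|base64(HMAC-SHA1(key=salt, msg=hostname))
        _, _, salt_b64, mac_b64 = host_field.split("|")
        mac = hmac.new(base64.b64decode(salt_b64), hostname.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    return hostname in host_field.split(",")  # plain entry: comma-separated names

def hash_host(hostname, salt):
    """Build the hashed host field written when HashKnownHosts is enabled."""
    mac = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def check_host_key(known_hosts_text, hostname, key_type, key_b64):
    """Return 'match', 'mismatch' or 'unknown' for the key a server presented."""
    seen_other_key = False
    for line in known_hosts_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or line.startswith("@"):
            continue  # blanks and comments; @cert-authority/@revoked are out of scope here
        fields = line.split()
        if len(fields) < 3 or not host_matches(fields[0], hostname):
            continue
        if fields[1] != key_type:
            continue  # entry is for a different key algorithm
        if fields[2] == key_b64:
            return "match"      # stored key equals the presented key: connect silently
        seen_other_key = True   # same host and algorithm, different key
    # 'mismatch' is the possible-hijack case; 'unknown' leads to the yes/no prompt
    return "mismatch" if seen_other_key else "unknown"

# Constructed sample data: these are not real SSH keys.
KEY_A = base64.b64encode(b"constructed-key-A").decode()
KEY_B = base64.b64encode(b"constructed-key-B").decode()
SAMPLE = "\n".join([
    "# constructed known_hosts content",
    "newhost,192.0.2.10 ssh-ed25519 " + KEY_A,
    hash_host("dbhost", b"constructed-salt-20b") + " ssh-ed25519 " + KEY_B,
])

if __name__ == "__main__":
    for host, key in [("newhost", KEY_A), ("newhost", KEY_B),
                      ("dbhost", KEY_B), ("otherhost", KEY_A)]:
        print(host, check_host_key(SAMPLE, host, "ssh-ed25519", key))
```

On a real system, `ssh-keygen -F newhost` performs the same lookup against your own known_hosts file, including hashed entries.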

My next blog post will include management of keys for known hosts when using ssh. If there are any special topics that you want me to talk about, please let me know. I’m Kavindu Dulanjana Perera and you can reach out to me on any social media as well.


I'm Kavindu Dulanjana Perera and I'm a graduate in Computer Systems and Network Engineering and also an active member of IEEE and a number of its sub societies.