Capabilities of the Secure Shell Protocol

Remote logins and console sessions are often carried out using telnet, rlogin, or similar protocols, which carry user names and passwords as plaintext, and also carry the subsequent session traffic as plaintext. Secure Shell (SSH) protocol provides a simple, flexible and free alternative...

What are the Benefits of Using SSH?

Remote logins are often carried out using telnet, rlogin, or similar protocols, which carry user names and passwords as plaintext and also carry the subsequent session traffic as plaintext. An eavesdropper can capture this traffic and immediately gain access to the remote system. SSH provides a telnet/rlogin replacement that offers:

  • a secure authentication protocol for endpoints and users
  • encryption, authentication and integrity services for all of the subsequent session traffic

The UNIX commands rsh, rlogin and rcp can be replaced by the SSH commands ssh, slogin and scp respectively.

Secure File Transfer

SSH provides a secure replacement for the FTP protocol, using the same robust authentication mechanisms and a cryptographically secure transport (confidentiality, integrity, authentication), and a secure replacement for the FTP COPY command, using the SSH SCP command.

Secure Remote Control Execution

SSH allows shell commands to be executed on remote machines using the same SSH services used for telnet replacement.

Authentication Using Public/Private Keys

SSH includes a public/private key infrastructure for authentication, where public keys can be stored on remote machines and used to validate a digital signature presented by a client wishing to connect to these machines. Many other authentication schemes are also allowed, but the public/private key scheme is well integrated into SSH and requires the least user intervention; once the correct keys are stored, secure authentication on remote systems is automatic.

SSH Port Forwarding

An arbitrary set of ports can be forwarded across an SSH connection between two machines running an SSH client and an SSH server. This can be useful in many circumstances, for example where use of an insecure network protocol is required across an untrusted network, or where a bastion host is used to access machines from a known and tightly restricted IP address. We follow an example of port forwarding for POP3 and SMTP later in this chapter.

SSH X Forwarding

SSH allows a local X-server to display the output from a remote X-client over a secure SSH connection. This can be useful in X-windows environments (normally UNIX/Linux/Mac) where a display is required to be delivered across an insecure network.

SSH Variants

Several variants of SSH are widely discussed, as shown in the diagram opposite, including earlier versions of the protocol (SSH-1) which are vulnerable to attack, commercial implementations of the protocol, and open source implementations of the SSH protocols.
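
Whether a server still offers the vulnerable SSH-1 protocol can be read from the identification string it sends when a client connects (RFC 4253, section 4.2). The following added example, which is not part of the original article, classifies such strings; the host names and banners are constructed samples.

```python
import re

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments CR LF".
# softwareversion is matched leniently (any non-space run).
IDENT = re.compile(r"^SSH-(\d+\.\d+)-(\S+)(?: (.*))?$")

def classify_banner(line):
    """Classify one identification string by the protocol versions it offers."""
    m = IDENT.match(line.rstrip("\r\n"))
    if m is None or len(line) > 255:  # RFC 4253 caps the line at 255 bytes
        return {"valid": False, "verdict": "not-ssh"}
    proto, software, comment = m.groups()
    if proto == "2.0":
        verdict = "ssh2-only"
    elif proto == "1.99":
        # 1.99: an SSH-2 server that still accepts SSH-1 clients
        verdict = "ssh1-fallback"
    elif proto.startswith("1."):
        verdict = "ssh1-only"
    else:
        verdict = "unknown-version"
    return {"valid": True, "proto": proto, "software": software,
            "comment": comment, "verdict": verdict}

def hosts_allowing_ssh1(banners):
    """Return the sorted host names whose banner admits SSH-1 in any form."""
    flagged = {"ssh1-only", "ssh1-fallback"}
    return sorted(h for h, b in banners.items()
                  if classify_banner(b)["verdict"] in flagged)

# Constructed sample inventory (hypothetical host names and banners).
SAMPLE_BANNERS = {
    "bastion.example.test": "SSH-2.0-OpenSSH_9.6\r\n",
    "legacy-db.example.test": "SSH-1.99-OpenSSH_3.9p1\r\n",
    "old-router.example.test": "SSH-1.5-1.2.27\r\n",
    "mail.example.test": "220 mail.example.test ESMTP\r\n",
    "build.example.test": "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.1\r\n",
}

if __name__ == "__main__":
    for host, banner in SAMPLE_BANNERS.items():
        print(host, classify_banner(banner)["verdict"])
    print("remediate:", hosts_allowing_ssh1(SAMPLE_BANNERS))
```

A host reported as `ssh1-fallback` is as much a finding as `ssh1-only`, since a client can still negotiate the older protocol with it.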
