Skip to main content

The Secret Of SSH SERVER

 

The OpenSSH server component, sshd, listens continuously for client connections from any of the client tools



What Does SSH Mean?

The acronym SSH stands for "Secure Shell." The SSH protocol was designed as a secure alternative to unsecured remote shell protocols. It utilizes a client-server paradigm, in which clients and servers communicate via a secure channel.


The SSH protocol has three layers:


The transport layer. Ensures secure communication between the server and the client, monitors data encryption/decryption, and protects the integrity of the connection. It also performs data caching and compression.

The authentication layer. Conducts the client authentication procedure.

The connection layer. Manages communication channels after the authentication.




The channel created by SSH uses public-key cryptography to authenticate the client. Once the connection is established, SSH provides an encrypted way to exchange information safely regardless of the underlying network infrastructure.


SSH was designed for Unix-like operating systems, such as Linux, macOS, and BSD. However, it is also works on Windows.


A Brief SSH History

SSH was created by Tatu Ylönen in 1995. The protocol was designed to prevent password-sniffing attacks at the Helsinki University of Technology. The first version of the protocol, now called SSH-1, was designed to replace unsecured protocols such as rsh, rlogin, and Telnet. It started as freeware but soon became proprietary software.


After Ylönen's SSH-1 became a popular tool worldwide, the Internet Engineering Task Force (IETF) assembled a group whose purpose was to develop a successor to the protocol. In 2006, SSH-2 became a new standard, featuring security improvements such as Diffie-Helman key exchange.


The open-source community developed OSSH, an SSH protocol version based on version 1.2.12 of SSH-1. The OpenBSD developers later forked OSSH to create OpenSSH, the most popular SSH implementation in the world today. As of version 7.6, OpenSSH supports only SSH-2. The support for SSH-1 has been discontinued.


SSH Terminology

The following table contains some terms you may encounter when working with SSH:


Term Explanation

~ or $HOME A user's home directory on a Unix or Unix-like system.

Authentication layer The layer responsible for conducting the SSH authentication.

Client A client program for establishing a connection with the server.

Client machine A computer running an SSH client.

Connection layer The layer of the SSH protocol that manages communication channels.

Local computer A computer running an SSH client at the location.

Local user A user accessing SSH over the local computer.

Private key Part of the public-private key pair for user authentication kept as a secret on the local machine. 

Public key Part of the public-private key pair for user authentication copied to the SSH server during the authentication process.

Remote computer A computer running an SSH server to which SSH clients connect.

Remote user A user accessing SSH over a remote computer.

Server An SSH server program for communicating with SSH clients.

Server machine A computer running an SSH server.

SCP Secure Copy - a CLI utility that utilizes SSH for secure file transfer.

SFTP Secure File Transport Protocol - a protocol using SSH to secure network file transfers, not to be confused with FTPS, which leverages TLS/SSL

Transport layer The layer of the SSH protocol overlooking the entire SSH session.

SSH Uses

SSH is widely used in data centers to provide secure management, remote access to resources, software patches, and updates. The protocol also enables protected router management, server hardware maintenance, and virtualization platform administration.


Due to ease of use, robustness, and numerous features, SSH can be applied in various scenarios.


These scenarios include:


Connecting to a remote host.

Backing up, copying, and mirroring files using SFTP.

Mapping a client's port to the server's port to secure TCP/IP and other network protocols.

Forwarding X Window System from the server to clients.

Tunneling sensitive data through a secure channel.

Using a Virtual Private Network.

SSH keys are often employed in automating server access with passwordless login, configuration management, and backup.


How to Use SSH?

Connecting to an SSH server is performed using an SSH client. Most Unix-based and Unix-like operating systems come with the daemon and the client preinstalled. On these systems, the SSH client is available in the terminal.


To connect to a remote host using the terminal, the user issues the ssh command followed by the username and the server address or hostname:


ssh [username]@[server_ip_or_hostname]


For example:


Using SSH on macOS to connect to a Unix machine

Note: If you do not specify a username for SSH, the connection uses the currently logged in user.


Windows 10 offers OpenSSH client and server as of version 1709. Earlier versions of Windows did not include SSH as a feature, so tools such as PuTTY were used to establish an SSH connection. PuTTY is an SSH client with a GUI for SSH and Telnet:


The PuTTY SSH client on Windows

Some other popular SSH clients for Windows include:


Bitvise

WinSCP

KiTTY

Solar-PuTTY

SmarTTY

How Secure is SSH?

When used with standard security precautions, the SSH protocol is considered to be highly secure. However, human factors play a significant role in maintaining the security of SSH connections.


Brute force attacks on SSH servers are a common scenario. Attackers attempt to connect to a large number of SSH servers using common usernames and passwords. When they gain access to a server, they use privilege escalation to gain access to the root account.


SSH keys are recommended as a more secure authentication method than passwords. However, poor SSH key management still presents a significant risk to organizations whose critical information depends on keeping the keys secret.


While SSH keys offer better protection, their misuse can provide malicious individuals access to privileged information. This information includes accounts and resources, such as databases, routers, payment systems, etc.


Exposed SSH ports are another potential security weakness. Some malware programs attack IoT devices with ports exposed, using them as a backdoor entrance to the local network.


Lastly, a large number of SSH clients on the market means that the security of the protocol also depends on the security of third-party apps.


Conclusion

This article provided a rundown of the SSH protocol, its history, features, and use cases.


If you are interested in security solutions for your server, read 21 Tips to Secure Your Server.

for download purpose visit: 

windows : https://github.com/ssecgroup/putty/blob/8eab16f9aa3e4b720fa2af7cbd714b2f1fa97940/putty-64bit-0.78-installer.msi

linux: https://github.com/ssecgroup/putty/blob/8eab16f9aa3e4b720fa2af7cbd714b2f1fa97940/putty-0.78.tar.gz

official: https://putty.org/


follow me for deep tech articals


Comments

Post a Comment

Popular posts from this blog

Who Else Wants To Know The Mystery Behind C++ Output ?

 C++ Output (Print Text) The cout object, together with the << operator, is used to output values/print text: for example ; #include <iostream> using namespace std; int main() {   cout << "Hello World!";   return 0; } Note: You can add as many cout objects as you want. However, note that it does not insert a new line at the end of the output: #include <iostream> using namespace std; int main() {   cout << "Hello World!";   cout << "I am learning C++";   return 0; }
Post a Comment
Read more

The Secret of Successful TOP MOBILE BRANDS #bbk electronics

Everything you should know about BBK Electronics, its founder, brands & products, and net worth. The name BBK Electronics might not sound common to many out there, but, if you’ve used an Oppo, Vivo, OnePlus, Realme, or iQOO smartphone before, then you’ve used a BBK Electronics product. What is BBK Electronics? BBK Electronics. It markets smartphones under the Realme, OPPO, Vivo and OnePlus brands, and Blu-ray players, headphones and headphone amplifiers under the OPPO Digital division. BBK Electronics: Meet the world’s 2nd largest smartphone manufacturer you’ve probably never heard. Apple and Samsung are undeniably the most popular smartphone brands today. Shipping almost 300 million units last 2019, Samsung easily beats the pack to become the world’s largest phone manufacturer. All of this is expected because everybody’s heard about Samsung, and everybody either owns a Samsung phone or knows somebody who does. But what do you know about BBK Electronics, the world’s second-largest ...
Post a Comment
Read more

Who Else Wants To Know The Mystery Behind C++ syntex?

C++ Syntax C++ Basic Syntax Object − Objects have states and behaviors. Example: A dog has states - color, name, breed as well as behaviors -... Class − A class can be defined as a template/blueprint that describes the behaviors/states that object of its type. for example ; #include <iostream> int main() {   std::cout << "Hello World!";   return 0; } Example explained Line 1: #include <iostream> is a header file library that lets us work with input and output objects, such as cout (used in line 5). Header files add functionality to C++ programs. Line 2: using namespace std means that we can use names for objects and variables from the standard library. Don't worry if you don't understand how #include <iostream> and using namespace std works. Just think of it as something that (almost) always appears in your program. Line 3: A blank line. C++ ignores white space. But we use it to make the code more readable. Line 4: Another thing that always app...
Post a Comment
Read more