What is Secure Shell (SSH)?
Secure Shell (SSH), is a service that is similar to Telnet which enables you to remotely connect over the Internet network to a computer that is located anywhere in the world and is connected to the Internet. Unlike Telnet, SSH service provides a secure connection between the two computers.
SSH provides two crucial security measures:
- Your SSH connection is completely encrypted, it is nearly impossible for a user with malicious intent to intercept your data. Encryption is highly important when you are connecting to your server. For example, when using Telnet, your username and password are being sent as common unencrypted data, while with SSH, your credentials and data are safe.
- It is highly important that you are connected to the right server, and not to a malicious one pretending to be yours, with the intention of intercepting your data. Man-in-the-middle (MITM) attacks are a perfect example of a cyberattack where you think that you are communicating with the desired server, but instead, you are connected to a hacker's computer. In order to prevent such attacks, SSH enables you to set an SSH key pair that is used to authenticate the user or a process that wants to connect and make changes to the remote server.
SSH's practical use is not so different from Telnet. Once you are connected to the server, you can start making changes by entering commands and observing the way they are executed.
The SSH protocol is using three different types of encryption techniques:
- Symmetric encryption - a type of encryption where the client and the server are using two identical keys for encryption and decryption of data. Symmetric keys are being used during the whole SSH session.
- Asymmetric encryption - Unlike symmetric encryption, asymmetric encryption is using two different keys, one for encryption and the other for decryption of the data. These two key types are called private and public keys. Asymmetric encryption is not being used during the whole SSH session, it is being used only during the key exchange during the symmetric encryption.
- Hashing - One-way hashing is one of the encryption methods being used in the SSH connection protocol. Hashing completely differs from symmetric and asymmetric encryption. Data that is encrypted using a hashing method can never be decrypted. SSH protocol uses hash-based message authentication codes (HMAC) in order to verify the authenticity of the data being sent in order to confirm that the received command is not malicious.
How Does SSH Work?
SSH is based on a client-server protocol. In other words, the SSH protocol allows a client's computer to remotely connect to another computer, i.e server. SSH makes sure that the connection is secure by authenticating the client.
The client has to initialize the SSH connection using a TCP handshake with the server in order to establish a secure symmetric connection. If the user credentials are correct, the connection is established. Those are the two crucial steps for establishing the SSH connection - both of the systems have to establish the encryption standard, and the user must authenticate.
SSH command consists of three main parts:
- Your username.
- Your hostname or IP address.
- Your port number.
ssh username@hostname_or_IP_address -port_number
The SSH command communicates to the server in order to establish a secure shell connection.
The username portion represents an account you want to access the server using SSH protocol. The hostname_or_IP address represents your server's name or IP address, for example, www.yourdomainname.com or 243.236.22.21.
The last part of the SSH command is the port number. By default, the SSH port number is 22. If your SSH port number is the default, you don’t have to specify the port number, but if you have changed it to another number, you will have to specify that in the SSH command.
If you are a Linux or macOS user, using the SSH protocol is quite simple. If you are a Windows user, you will have to install an SSH client such as TeraTerm or PuTTY in order to use the SSH protocol.
Establish Connections with Remote Computers using Secure Shell
Using SSH in Linux
Connecting to the remote servers using SSH in Linux is quite simple. Open your Linux terminal and enter the following command. Replace the user portion with your username and server_IP_address with your server's IP address.
You will be prompted for the password. Enter your password and press ENTER. If you have entered the password correctly, the SSH connection will be established, and you can start making changes to the server.
Using SSH in macOS
The procedure for connecting to remote servers using SSH in macOS is similar, if not the same as on Linux machines. In Finder, go to the Applicationsfolder and open the Utilitiesfolder. In the Utilitiesfolder, double-click Terminal, and enter the subsequent command. Once again, replace username with your username and server_IP_address with your server's IP address.
Enter your password and start modifying your server.
Using SSH in Windows
In order to be able to connect to the remote servers using SSH in Windows, you have to install an SSH client. According to New Mexico State University, PuTTY is one of the most popular and free SSH clients for Windows machines. However, it was created in 1999, and newer software options exist. Because these pieces of software are installed on your personal device, most hosting providers do not offer support for them.
If you still want to PuTTY, download it from the official website. Once downloaded, double-click putty-64bit-0.78-installer to install PuTTY. After the installation, open PuTTY, and the configuration window will be displayed on your computer.
Once you enter the server's name or IP address, click Open to connect to the remote servers using SSH protocol.
You can also save the connection settings by naming your session in the Saved Sessions field. Enter the desired session name, and click Save. Next time you open Putty, click the session name, click Load, and finally click Open to remotely connect to the server.
If you are connecting for the first time to a remote server using PuTTY, the server's public key will be prompted. Click Yes, and the PuTTY terminal will be opened. In the PuTTY terminal, you have to enter your username and your password. If your login credentials are correct, you will be successfully connected to the remote server.
Regardless of which operating system you use, you have the necessary knowledge to connect to remote servers using the SSH protocol. Most server owners think that the SSH protocol is much more complex and difficult to understand, when in fact, it is simpler than it seems. All of the encryption and authentication lasts only a few seconds, meaning you are seconds away from establishing a secure shell connection to your remote server.
Our Sales and Support teams are available 24 hours by phone or e-mail to assist.