What is SSH and How Does It Work?

SSH is a secured network protocol to access remote computers in a network.

Computers talk to each other through networks. Hence, network researchers defined a set of rules for communicating to other machines and started developing protocols like Telnet; using that, one user can take control over another computer.

But they are not secure, i.e., anyone in the middle of the network can intercept and read the data being transferred. In the mid-90s, a more secured protocol named ssh has been introduced as a reliable successor of telnet protocol.

If you are a software developer or system administrator working in an industry, you might have used ssh, at least a single time. If you didn’t, let’s learn it now, as it is one of the must-know essential skills.

What is SSH?

SSH or Secure Shell or Secure Socket Shell is a network protocol that helps us securely accessing and communicating with remote machines (mostly remote servers).

It provides strong encryption and is widely used by network administrators and developers to manage remote systems & applications, execute commands, share files, etc.

Need of SSH

SSH was created in 1995 to solve security issues faced by unsecured remote access protocols like rlogin, rsh, Telnet.

Now let’s talk about Telnet, which stands for Teletype Network developed in 1969. It is a simple command-line tool that runs on your computer to access a remote server (anywhere located in the globe). And send commands to be executed on that server, just as if you are sitting right before the remote server(even miles away from the server). Telnet transmits and receives messages in plain text over a network.

The commands you would execute could be to run programs, create directories, create/delete/transfer files, start/stop services, etc.

The problem with connecting another machine in a network is, the data being transmitted will pass through many networks. In the meantime, some of which might be insecure, and the transmitting data could be intercepted, possibly modified before it reaches the intended target machine.

In the early days, where security was not so important, all communication occurs in plain text. Hence, the data being transmitted over the internet between client and server can be intercepted easily. And it can be read as the messages are not encrypted.

Therefore, plaintext protocols are extremely insecure and never be used for sensitive data transmission like passwords, secrets, etc. Hence, SSH is being considered a secure alternative to legacy remote access network protocols.

How does it work?

SSH uses a client-server architecture for secured communication over the network by connecting an ssh client with the ssh server. By default, ssh server listens to the standard TCP port 22 (you can change this for better security).

It uses a public-key cryptography technique to authenticate between client and server. In addition, the protocol uses strong symmetric encryption & hashing algorithms for the exchange of messages between client and server to ensure privacy and data integrity.

Linux is the widely used operating system for remote servers because of its security and durability. Many Server that uses Linux operating system on the internet has been running for years without many failures or even being restarted.

Most SSH sessions (a period in which we access the remote server) will have only the following two operations:

• Authentication
• Command Execution

SSH servers can authenticate clients using a variety of methods.

And the two popular ways are:

• Password-based
• Key-based

Password-based authentication is the default method used for authentication for OpenSSH installed clients. It is the most basic ssh authentication but not the most secure one.

Even though passwords are sent to the server securely, modern brute force attacks may bypass the authentication.

Key-based authentication improves the system security even further by generating SSH key pairs, which proves to be a reliable and secure alternative.

After the server authenticates the client successfully, a secure connection is established between them.

Accessing Remote Server Using SSH

If you are a Mac/Linux user, you can directly use the terminal to type and run ssh commands, as the OpenSSH is already installed by default.

If you are a Windows user, you need to install one third-party terminal emulator client to run ssh commands. PuTTY is the most popular ssh client for Windows operating system.

To connect to a remote server using SSH, you need to know at least two things.

• server host
• user name

The syntax for basic ssh command is:

$ ssh  @  -p 

The user-name is the remote machine’s username we are trying to connect (and not the user on your local machine), and the host is either an IP address or a domain name.

Let’s look at an example of connecting to a remote server using the OverTheWire website. It’s a free wargame challenge website.

Now, let’s connect to the bandit challenge using ssh. It is one of the available challenges on the website that teaches how to log in using SSH.

Credentials:

user name & password: bandit0

host & port: bandit.labs.overthewire.org, 2220

When you type the following command and press enter:

$ ssh [email protected] -p 2220

It will prompt you for the password for authentication purposes. Now type the password and press enter:

If the password typed is correct, you are successfully logged into the remote server, and your terminal will look like the above image.

Now you can use the remote machine’s terminal to type and execute your commands and perform your needy operations.

When you want to end the ssh session, then type exit command:

$ exit

You’ll get a message, “Connection closed” when you successfully log out from the ssh session.

Conclusion

The main reason behind the popularity of SSH is the entire communication between the server and client is encrypted.

Most people assume using ssh is complex, and gaining knowledge on how it works is not easily understandable, but it is simpler than you think. Now you have a basic understanding of SSH, how it works, the security aspects behind it, and why it plays a vital role in communication.

Next, explore some of the resources to become Sysadmin.