Introduction to Secure Shell and OpenSSH

Traditional network connectivity tools like Telnet and FTP send network data in plain text format, which can be read by anyone using packet sniffing softwares.

Secure Shell (SSH) is a network protocol that allows network data transfer using a secure channel. There are two major versions of SSH, SSH1 and SSH2. When comparing SSH2 to SSH1, SSH2 is not simply SSH1 with some more new protocols. SSH2 a complete rewrite of the original protocol and has incorporated built-in protections against a number of known vulnerabilities in SSH1.

In the early days of SSH, users were able to freely download and use SSH1. When SSH2 was released, organization that holds the license, SSH Communications Security, re-released the SSH client as SSH Tectia and no longer directly offers free downloads. The open source community was against to this change in the SSH licensing and moved towards OpenSSH of the OpenBSD project, OpenSSH provides the same functionality as SSH2 without conflicting with any intellectual property restrictions. OpenSSH can be downloaded from OpenSSH web site.

OpenSSH encrypts all traffic (including passwords) to effectively eliminate packet sniffing, connection hijacking, and other attacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol versions.

OpenSSH provides two levels of authentication using public key encryption. First the client verifies that it is connected to the correct server. Then OpenSSH encrypts communication between the systems. Once a secure, encrypted connection has been established, OpenSSH makes sure that the user is authorized to log in on or copy files from/to the server. After verifying the system and user, OpenSSH allows different services to be passed through the connection.

Related Tutorials
• Important OpenSSH client tools - scp, sftp, ssh, ssh-keygen, ssh-copy-id, slogin
• OpenSSH Configuration Files