SSH | Intel471 Skip to content


Secure Shell Protocol is a cryptographic network protocol for operating network services securely over an unsecured network.

Homepage slide 1

Secure Shell (SSH) is a network protocol that gives users a secure way to access a computer over an unsecured network.

It uses public-key cryptography and can be configured in such a way as to allow only certain people or machines to connect to your system. This makes it useful when you want to restrict who has access to what information.

The most common use of SSH is remote administration - logging onto a server using ssh instead of typing in a username and password. You may also need to configure permissions so that only specific users are allowed to do things like change files etc.

What are some common uses for SSL?

SSL encrypts data that travels across networks like the Internet. The most obvious example of this would be web browsing, where information such as credit card numbers travel through unencrypted channels before reaching its destination. If someone intercepts these messages, they could steal all sorts of sensitive information. For instance, hackers might try to get usernames and passwords out of a browser cache. They may even attempt to hijack accounts using stolen credentials.

How does SSL protect my personal info?

When we connect to websites via HTTPS instead of HTTP, we're actually connecting to a special type of website called a "secure site." These sites have been specially configured so that only authorized users will ever see what’s going on behind the scenes. When we visit a secure site, we'll notice that there's usually a lock icon somewhere in our browser window. That means everything we send back and forth has been secured against eavesdropping.

SSL encrypts data sent across networks so that anyone snooping along the way cannot read what was said. The most obvious example of this would be using HTTPS instead of HTTP when browsing websites. If someone intercepts traffic while it’s traveling through the Internet then all they will see is garbled text. They won't know whether there is any sensitive information contained within those messages.

The main reason why we use SSL encryption is that it provides us with security against eavesdropping attacks. We don't want our communications intercepted by third parties who may have malicious intentions. For instance, if I'm sending confidential financial documents via email, I'd rather encrypt them because hackers could potentially steal my money if they stole the data via unencrypted channels.

How does SSH differ from FTP?

FTP stands for File Transfer Protocol. It's one of many protocols which enable file transfers over TCP/IP connections. In contrast, SSH enables secure shell sessions over TCP/IP connections; hence the name Secure SHell.

In addition to providing authentication services, SSH offers other features including:

  • Encryption – Data transferred over SSH is protected using symmetric key algorithms. Symmetric keys are secret values shared between both ends of the connection. This prevents unauthorized access to your private data.

  • Authentication – Users can authenticate themselves to each other securely without having to share secrets or passphrases.

  • Port forwarding – This allows you to forward ports on your local computer to allow incoming requests on a different port number than the standard 22.

  • Remote command execution – Enables administrators to execute commands on remote machines.

Why Is SSH Key Management So important?

Private vs Public SSH Keys

When generating an SSH keypair, there are two types of keys available: private and public. A private key is kept secret by its owner while a public key is made publicly accessible through various methods such as emailing it to others, publishing it online, etc. When connecting to a remote system, both parties exchange their respective public keys to validate each other’s identities. If either party doesn't have the matching private key, then no connection can be established.

Public-key cryptography uses asymmetrical techniques in order to ensure authenticity. Asymmetry refers to the fact that every user possesses his own unique pair of keys. One key belongs to him alone while the other key is owned jointly by himself and the recipient. Each person keeps his private key safe and never shares it with anybody else. Only he knows how to decrypt the message signed with his public key. Anyone possessing the corresponding private key can verify the signature and thus confirm the identity of the sender.

What Encryption Algorithm Does SSH Use?

Symmetric Cryptography

SSH supports symmetric key-based encryption. There are three common ways to implement symmetric encryption: DES, 3DES and AES. All these algorithms operate on 64-bit blocks of plaintext and ciphertext.

AES has been adopted as the default algorithm since version 1.3 of OpenSSH. Prior versions supported only DES and 3DES. The advantage of AES is that it requires less CPU power compared to older algorithms like DES and 3DES. However, this comes at the cost of increased memory usage.

AES operates on 128 bits per block. Therefore, when encrypting large amounts of data, it will take a longer time to complete. To overcome this problem, some implementations support multiple threads so they can process more data simultaneously.