What is SSH?

A Brief Primer on Secure Shell

Joe Poniatowski

'SSH' stands for 'Secure Shell', and is a transport mechanism or protocol for both authentication (ensuring the validity of the identification of a user or even a particular node in a network) and encryption (rendering information exchanged between two users or network devices unreadable except to those with the means to decrypt it). All information sent over a Secure Shell connection is encrypted, including any passwords, so network "sniffers" designed to intercept data cannot be used for breaking into computer systems. SSH can be implemented in a variety of ways, including Virtual Private Networks (VPNs), tunnels, and remote command invocation. Three common implementations are ssh (lower case), scp, and sftp.

ssh

'ssh' also stands for secure shell, but in this case it means a user interface providing the ability to log on to a remote system. In other words, ssh is a terminal emulator similar to telnet, except that with telnet, all communication between the host (remote system) and client (local system) is sent in "cleartext", meaning that the data would be perfectly readable to anyone intercepting it (even passwords!). ssh also supports Remote Command Invocation (RCI). This enables users to connect to a remote system and execute a command, script, or program. This is useful for remote system administration and automation of tasks spanning multiple systems.

Example ssh Usages


  • Connect to remote system: ssh username@remote.server.address

  • Run a command on a remote system (check free space on root file system): ssh username@remote.server.address df -k /
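The remote command form above, extended to the multi-system automation this section describes. This is an added example, not part of the original article. The host names, the 90% threshold and the function names are assumptions; `df -Pk` replaces `df -k` to get a fixed column layout, and the ssh options assume key-based logins to hosts whose keys are already in known_hosts.

```shell
#!/bin/sh
# Added example: report root file system usage on several hosts over ssh.
# THRESHOLD and all host names are placeholders, not values from the article.
THRESHOLD=${THRESHOLD:-90}

# Print "<host> <percent-used>" for one host; non-zero if ssh fails or the
# remote output does not look like a df line.
root_usage() {
    local host out
    host=$1
    # BatchMode=yes: fail instead of prompting for a password (unattended use).
    # StrictHostKeyChecking=yes: refuse hosts whose key is not already known.
    # "--" ends option parsing, so a host name starting with "-" is not a flag.
    out=$(ssh -o BatchMode=yes -o StrictHostKeyChecking=yes -o ConnectTimeout=5 \
              -- "$host" df -Pk /) || return 1
    # df -P prints a header, then one line per file system; field 5 is "NN%".
    # Accept only a numeric percentage: remote output is untrusted input.
    printf '%s\n' "$out" | awk -v h="$host" '
        NR == 2 && $5 ~ /^[0-9]+%$/ { sub(/%/, "", $5); print h, $5; ok = 1 }
        END { exit !ok }'
}

# Print one status line per host; return 1 if any host is unreachable or
# at or above THRESHOLD percent used.
check_hosts() {
    local host line pct rc
    rc=0
    for host in "$@"; do
        if ! line=$(root_usage "$host"); then
            echo "$host UNREACHABLE"
            rc=1
            continue
        fi
        pct=${line##* }
        if [ "$pct" -ge "$THRESHOLD" ]; then
            echo "$line% FULL"
            rc=1
        else
            echo "$line% ok"
        fi
    done
    return "$rc"
}

# Example call: sh check_root.sh admin@web1.example admin@db1.example
if [ "$#" -gt 0 ]; then
    check_hosts "$@"
fi
```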

sftp

'sftp' is short for 'secure file transfer protocol', and, as the name implies, is a method of sending and receiving files securely. sftp is based on ftp, and uses essentially the same syntax (although the underlying technology is very different). Global Filename Characters are supported.

Example sftp Usage

  • sftp username@remote.server

  • get filename.txt
  • put other.filename.txt
  • get *.txt
  • put files.*
  • bye

scp

'scp' stands for 'secure copy'. It is a method of transferring files from one computer to another. The command set provided by scp is based on an older mechanism, 'cp', as implemented in UNIX(c) systems. Again, the primary difference is that with scp, the files are encrypted during transport. The primary difference between sftp and scp is that sftp is more suited to interactive sessions, while the single-line syntax of scp lends itself to scripted transfers.

Example scp Usages

  • Copy a local file to a remote system: scp myfile.txt username@remote.server.address:/path/on/server/

  • Copy a remote file to a local path: scp username@remote.server.address:/path/to/remote/file /local/file/path

SSH and the programs that use it are implemented in two parts: the server process and the client software. To connect from a local computer to a remote computer, the local computer runs an SSH client, and the remote computer must be running an SSH server. Nearly all UNIX(c) and Linux installations provide both, as do modern Macintosh computers (running OS X). Windows users (at least through Vista) will have to acquire the software. There are both commercial and Open Source providers. Open Source client implementations for Windows include PuTTY, which provides versions of ssh, scp, and sftp. Open Source server products include OpenSSH. OpenSSH actually provides both the necessary server software and the client programs. OpenSSH is designed to run on Linux and UNIX(c) systems, but can run on Windows-based computers running 'cygwin', a Linux-like shell for Windows. Complete instructions for setting up any of these applications are available from their respective web sites, listed below.

Resources:

PuTTY
OpenSSH
Cygwin

Published by Joe Poniatowski

A full time IT consultant with over 20 years experience. Clients have included 2 of the big 3, financial institutions, and state and local governments.

1 Comments

  • Vincent Summers, 1/28/2011

    At one time I used PuTTY.
