Introduction to SSH

Secure Shell (SSH) is a protocol designed to securely access remote systems over unsecured networks. SSH encrypts communication, ensuring that sensitive data like passwords and commands are protected from interception.

What is SSH?

SSH allows users to securely log into remote machines, execute commands, and transfer files. It provides confidentiality through encryption, integrity through message authentication codes, and authenticity through public-key authentication of the server (its host key) and of the user (a password, a key, or another method). SSH is widely used by system administrators, developers, and anyone managing remote systems.

SSH operates on a client-server model. The client opens a TCP connection to the server, the two sides negotiate algorithms and run a key exchange that produces the session keys, and the client verifies the server's host key. Only then does the server authenticate the client, and only after that are channels opened for the shell, commands, file transfers, or forwarded ports. Common use cases include managing remote systems, transferring files, and tunneling network services securely.

History and Port 22

SSH was created in 1995 by Tatu Ylönen as a secure replacement for older, unencrypted protocols like Telnet and Rlogin. To enable its use across the internet, Ylönen needed an official port assignment for SSH. On July 10, 1995, he emailed the Internet Assigned Numbers Authority (IANA) to request port 22, which was unassigned at the time and sat conveniently between FTP (21) and Telnet (23). IANA confirmed the assignment within a day, and 22 has been the default port for SSH traffic ever since.

Typical Use Cases

SSH is widely used in environments where security is critical. It enables remote system management, secure file transfers, and tunneling of services like databases and web traffic over encrypted channels. Developers and system administrators rely on SSH for tasks like deploying applications, managing cloud infrastructure, and interacting with remote servers.

$ ssh user@remote_host

This command opens an SSH session from the local machine to remote_host as user, giving an interactive shell on the remote system. On the first connection to a host, ssh displays the server's host key fingerprint and asks whether to trust it. Verify that fingerprint out of band (for example on the server's console with ssh-keygen -lf on its public host key file) before answering yes, because the entry then saved in ~/.ssh/known_hosts is what protects every later session against a man-in-the-middle.
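The fingerprint shown by ssh on first contact is a SHA-256 hash of the server's public key in its wire encoding, printed as unpadded base64. The following Python is an added example, not code from the original page or from OpenSSH, that reproduces that computation so a fingerprint copied from a known_hosts entry or a .pub file can be compared with what the console shows. The sample key is constructed from arbitrary bytes and is not a real host key; the host name example-host and the address 192.0.2.10 are placeholders.

```python
import base64
import hashlib
import hmac
import struct


def parse_public_key_line(line: str):
    """Parse an OpenSSH public key line ('<type> <base64 blob> [comment]').

    Returns (key_type, raw_blob).  The blob is the wire-format encoding that
    ssh-keygen -lf hashes to produce the fingerprint.
    """
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64-blob> [comment]'")
    key_type, b64 = parts[0], parts[1]
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("blob too short")
    # The blob starts with a length-prefixed copy of the key type.  A mismatch
    # between that and the text prefix means the line was mis-copied or edited.
    (name_len,) = struct.unpack(">I", blob[:4])
    if len(blob) < 4 + name_len:
        raise ValueError("truncated blob")
    embedded = blob[4:4 + name_len].decode("ascii", errors="replace")
    if embedded != key_type:
        raise ValueError(f"key type {key_type!r} does not match blob type {embedded!r}")
    return key_type, blob


def parse_known_hosts_line(line: str):
    """Split a known_hosts entry into (host_field, key_type, blob).

    The host field may be a name, a comma-separated list, or a hashed
    '|1|salt|hash' value; an optional '@cert-authority' / '@revoked' marker
    in front of it is skipped.  The key part is the same as in a .pub file.
    """
    line = line.strip()
    if line.startswith("@"):
        _, _, line = line.partition(" ")
    host_field, _, rest = line.partition(" ")
    key_type, blob = parse_public_key_line(rest)
    return host_field, key_type, blob


def sha256_fingerprint(blob: bytes) -> str:
    """OpenSSH-style fingerprint: 'SHA256:' + unpadded base64 of SHA-256(blob)."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


def fingerprint_matches(key_line: str, expected: str) -> bool:
    """True if the key on key_line has the fingerprint read from the console."""
    _, blob = parse_public_key_line(key_line)
    return hmac.compare_digest(sha256_fingerprint(blob), expected)


def build_ed25519_key_line(public_key: bytes, comment: str = "") -> str:
    """Assemble an ssh-ed25519 public key line from 32 raw key bytes.

    Used only to construct the sample below; it does not generate keys.
    """
    if len(public_key) != 32:
        raise ValueError("ed25519 public keys are 32 bytes")
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", 32) + public_key
    line = "ssh-ed25519 " + base64.b64encode(blob).decode("ascii")
    return line + (" " + comment if comment else "")


# Constructed sample: arbitrary bytes standing in for a host's public key.
SAMPLE_PUBLIC_KEY = bytes(range(32))
SAMPLE_KEY_LINE = build_ed25519_key_line(SAMPLE_PUBLIC_KEY, "root@example-host")
SAMPLE_KNOWN_HOSTS_LINE = "example-host,192.0.2.10 " + SAMPLE_KEY_LINE

if __name__ == "__main__":
    host, key_type, blob = parse_known_hosts_line(SAMPLE_KNOWN_HOSTS_LINE)
    print(host, key_type, sha256_fingerprint(blob))
```

Run it on a real entry by replacing SAMPLE_KNOWN_HOSTS_LINE with a line from ~/.ssh/known_hosts; the printed value should equal what ssh-keygen -lf prints for the server's host key file, and the comparison uses hmac.compare_digest so it does not leak timing information about how many characters matched.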

$ scp file.txt user@remote_host:/path/to/destination

This copies file.txt to the given path on remote_host over an SSH connection, so it uses the same port, authentication, and encryption as an interactive login. The sftp client offers interactive transfers and remote file management over the same kind of session.

OpenSSH: The Reference Implementation

This handbook uses OpenSSH as the reference implementation of SSH. OpenSSH is an open-source implementation of the SSH protocol suite, first released by the OpenBSD project in 1999 as a free and more secure alternative to the original SSH, which had become commercial software by then.

OpenSSH has become the most widely used implementation of SSH, providing tools such as ssh for remote login, scp and sftp for file transfers, ssh-keygen for creating keys and printing fingerprints, ssh-agent for holding private keys in memory, and sshd for running the SSH server. Known for its emphasis on security and portability, OpenSSH is the standard for secure remote access in both personal and enterprise environments. All examples in this handbook refer to OpenSSH, unless stated otherwise.

The Difference Between SFTP and FTPS

While both SFTP and FTPS are used to transfer files securely over a network, they differ significantly in how they operate.

SFTP (SSH File Transfer Protocol) runs as a subsystem inside an encrypted SSH session. Despite the name, it is not the old FTP protocol tunnelled through SSH but a separate protocol designed for SSH. Besides uploading and downloading files it supports remote file management, such as listing directories, renaming, deleting, and changing permissions. SFTP needs only a single TCP connection (port 22 by default) that carries both commands and data, so credentials, file names, and file contents are all protected throughout the session, and a firewall only has to allow that one port.

FTPS (FTP Secure), on the other hand, is the traditional FTP protocol with SSL/TLS added: FTPS is to FTP what HTTPS is to HTTP, a TLS layer wrapped around an otherwise cleartext protocol. The FTP command set, its separate control and data connections, and its firewall behaviour remain as they were.

FTPS can operate in two modes. In explicit FTPS, the client connects to the normal FTP control port (21) and issues an AUTH TLS command to upgrade the connection before sending credentials; because the same port also accepts plain FTP, the server should be configured to require TLS, or a misconfigured client will simply continue in cleartext. In implicit FTPS, the connection is TLS from the first byte, conventionally on port 990. In both modes FTPS keeps FTP's split between a control connection and a separate data connection per transfer, and the data port is negotiated inside the control connection (PORT/PASV). Since that negotiation is now encrypted, the firewall and NAT helpers that would normally read it cannot, so the server has to be pinned to a fixed passive port range and that whole range opened on the firewall, which makes FTPS considerably harder to deploy than SFTP.
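The firewall problem is easiest to see in the replies a server sends on the control connection: a PASV reply encodes the data port as two decimal bytes, and under FTPS that reply is inside TLS, so only the endpoints can read it. The Python below is an added example, not code from the original page or from any FTP server, that decodes PASV and EPSV replies, lists the inbound ports a firewall must open for SFTP versus the two FTPS modes, and checks that an advertised data port falls within the passive range an administrator has opened. The replies and the range 50000-50100 are constructed sample values.

```python
import re

PASV_RE = re.compile(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")
EPSV_RE = re.compile(r"\(\|\|\|(\d{1,5})\|\)")


def parse_pasv(reply: str):
    """Decode a '227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)' reply.

    Returns (ip, port); the port is p1 * 256 + p2, the RFC 959 encoding.
    """
    if not reply.startswith("227"):
        raise ValueError("not a 227 PASV reply: " + reply)
    m = PASV_RE.search(reply)
    if m is None:
        raise ValueError("no (h1,h2,h3,h4,p1,p2) tuple in: " + reply)
    h1, h2, h3, h4, p1, p2 = (int(x) for x in m.groups())
    if max(h1, h2, h3, h4, p1, p2) > 255:
        raise ValueError("byte out of range in: " + reply)
    return f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2


def parse_epsv(reply: str) -> int:
    """Decode a '229 Entering Extended Passive Mode (|||port|)' reply (RFC 2428)."""
    if not reply.startswith("229"):
        raise ValueError("not a 229 EPSV reply: " + reply)
    m = EPSV_RE.search(reply)
    if m is None:
        raise ValueError("no (|||port|) field in: " + reply)
    port = int(m.group(1))
    if not 1 <= port <= 65535:
        raise ValueError("port out of range in: " + reply)
    return port


def required_inbound_ports(protocol: str, passive_range=None):
    """Inbound TCP port ranges a firewall must open for a server of this kind.

    Returned as a list of (low, high) pairs.  SFTP needs only the SSH port;
    FTPS needs its control port plus the server's fixed passive data range.
    """
    if protocol == "sftp":
        return [(22, 22)]
    control = {"ftps-explicit": 21, "ftps-implicit": 990}.get(protocol)
    if control is None:
        raise ValueError("unknown protocol: " + protocol)
    if passive_range is None:
        raise ValueError("FTPS needs a fixed passive port range to be firewall-friendly")
    low, high = passive_range
    if not 1 <= low <= high <= 65535:
        raise ValueError("invalid passive range")
    return [(control, control), (low, high)]


def data_port_allowed(reply: str, passive_range) -> bool:
    """Check that the data port a server advertised lies inside the opened range.

    Under FTPS the reply travels inside TLS, so a firewall in the path cannot
    perform this check; it has to be done at the endpoints or by configuration.
    """
    low, high = passive_range
    port = parse_pasv(reply)[1] if reply.startswith("227") else parse_epsv(reply)
    return low <= port <= high


# Constructed replies as a server would send them on the control connection.
SAMPLE_PASV_REPLY = "227 Entering Passive Mode (192,0,2,10,195,80)."
SAMPLE_EPSV_REPLY = "229 Entering Extended Passive Mode (|||50001|)"

if __name__ == "__main__":
    print(parse_pasv(SAMPLE_PASV_REPLY))  # ('192.0.2.10', 50000)
    print(required_inbound_ports("sftp"))
    print(required_inbound_ports("ftps-explicit", (50000, 50100)))
```

A server whose passive range has not been pinned will hand out ports outside whatever the firewall allows, and the transfer hangs after the directory listing or file request; the check in data_port_allowed is the quickest way to confirm that the server configuration and the firewall rules agree.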

In summary:

  • SFTP operates over SSH and uses a single encrypted connection for both commands and data. It’s often preferred for secure file transfers in environments where SSH is already in use.
  • FTPS operates over SSL/TLS and generally requires multiple connections. It is the FTP protocol with TLS added, much like HTTPS is to HTTP, but is more complex to manage because the control port and a fixed passive data port range must all be opened on the firewall.