17 Facts About SSH


SSH operates as a layered protocol suite comprising three principal hierarchical components: the transport layer provides server authentication, confidentiality, and integrity; the user authentication protocol validates the user to the server; and the connection protocol multiplexes the encrypted tunnel into multiple logical communication channels.

SSH was designed on Unix-like operating systems, as a replacement for Telnet and for unsecured remote Unix shell protocols, such as the Berkeley Remote Shell and the related rlogin and rexec protocols, which all use insecure, plaintext transmission of authentication tokens.

SSH was first designed in 1995 by Finnish computer scientist Tatu Ylönen.

The most commonly implemented software stack is OpenSSH, released in 1999 as open-source software by the OpenBSD developers.

SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user, if necessary.

However, this is possible only if the two sides have never authenticated before, as SSH remembers the key that the server side previously used.

The SSH client raises a warning before accepting the key of a new, previously unknown server.

SSH is typically used to log into a remote machine and execute commands, but it supports tunneling, forwarding TCP ports and X11 connections; it can transfer files using the associated SSH file transfer or secure copy protocols.

SSH is important in cloud computing to solve connectivity problems, avoiding the security issues of exposing a cloud-based virtual machine directly on the Internet.

SSH can be run using SCTP rather than TCP as the connection-oriented transport layer protocol.

The goal of SSH was to replace the earlier rlogin, TELNET, FTP and rsh protocols, which did not provide strong authentication or guarantee confidentiality.

The original version of the SSH software used various pieces of free software, such as GNU libgmp, but later versions released by SSH Communications Security evolved into increasingly proprietary software.

New features of SSH-2 include the ability to run any number of shell sessions over a single SSH connection.

SSH is a protocol that can be used for many applications across many platforms including most Unix variants, as well as Microsoft Windows.

The SSH protocol has a layered architecture with three separate components.

Since SSH-1 has inherent design flaws which make it vulnerable, it is generally considered obsolete and should be avoided by explicitly disabling fallback to SSH-1.

In November 2008, a theoretical vulnerability was discovered for all versions of SSH which allowed recovery of up to 32 bits of plaintext from a block of ciphertext that was encrypted using what was then the standard default encryption mode, CBC.
