
Complete Guide to the SSH Protocol

The security of your server — and therefore your data — should be one of the most important things to manage. Having your server compromised can be a problem that ranges from a minor annoyance and temporary outage to a root-level compromise, which can lead to a complete loss of information, time and, most importantly, money.

Considering this scenario, it is essential to have adequate security resources. The SSH protocol is a set of commands and software used to ensure secure data transmission, application tunneling, and remote system administration. The solution is deployed on millions of servers and is used in almost all data center environments.

The SSH protocol is widely used in automated processes between machines, including backups, database updates, system health monitoring and automated systems management applications. In short, the solution plays a critical role in the functioning of modern automated digital networks found in every business or data center.

To help you get to know the technology better, in this article we show what it is, how it works, how it came about, what its layers are and which use cases it is suited to. We also explain how to run it, what its advantages are and which client tools are available, for a solution characterized by fast connections, encrypted traffic and flexible use in IT systems.

Read on and learn more about the SSH protocol!

What is the SSH protocol?

Basically, SSH — or Secure Socket Shell — is a network protocol that provides users with a secure way to access a computer over an unsecured network. In this way, the SSH protocol provides encrypted data communication between two connected computers and strong authentication over an open network such as the Internet.

At the same time, the SSH protocol is widely used by network administrators to manage systems and applications remotely, allowing them to log into another computer on a network, execute commands and move files from one computer to another.

How does the SSH protocol work?

SSH implementations typically include support for application protocols used for terminal emulation or file transfer. The protocol can also be used to create secure tunnels for other application protocols — for example, to run graphical sessions remotely and securely.

Although it is possible to use SSH with conventional user ID and password credentials, it relies more on public key pairs to authenticate hosts to each other.

Individual users must still use their user ID and password (or other authentication methods) to connect to the remote host itself, but the local and remote machine authenticate each other separately.

This is done by generating a unique public key pair for each host in the communication; a single session requires two public key pairs — one to authenticate the remote machine to the local machine and one to authenticate the local machine to the remote machine.

SSH connections are used to secure many different types of communication between a local machine and a remote host, including secure remote access to resources, remote command execution, delivery of patches and software updates, and other administrative or management tasks.

How Did the SSH protocol come about?

By now, you already know what the SSH protocol is and how it works. But how was this technology developed throughout history? It all started in 1995, when professor Tatu Ylönen, from the University of Technology in Helsinki, discovered, as a result of an intrusion into the university’s institutional network, a sniffer, that is, a program frequently used to monitor and analyze network traffic.

The sniffer found by Tatu Ylönen had captured information from thousands of users, collecting private passwords and storing them in a database. The discovery was enough for the professor to release, within a few weeks, the first open source version of the SSH protocol.

Over time, the company created by Tatu Ylönen made the SSH protocol proprietary, but a group of developers built on the last open source version of the code to create OpenSSH, which is still shipped today with Windows and Linux operating systems.

To give you an idea, more than two decades later, Tatu Ylönen's discovery and the subsequent updates made by independent developers are present in more than half of the web servers on the planet, which indicates the security and effectiveness of the technological solution.

What is the shell in IT services anyway?

You probably know what a shell is. Shells protect, for example, turtles, snails and crabs from things that might crave their tasty interiors. So, making the logical connection, a shell in the IT world can be considered a cover for something.

In terms of computers and software, a shell is a user interface for the things an operating system offers. Operating systems are meant to harmonize and control all the different parts of a computer so that it can support all the various functions and software we require of it.

Actually, you probably have daily interactions with a shell: The nice graphical interface we use to control our computers, phones and tablets is a kind of shell. This includes operating systems like Windows 10, iOS 12, Android 8.0 Oreo, etc.

At a high level, you can split an operating system into two parts: the UI part with which we’re all familiar, and the tasty interiors, the underlying operating system framework that does all the heavy lifting behind the scenes that we take for granted. Nothing too new for IT workers, right?

What are the elements of the SSH protocol?

You already know what a shell is, the term behind the acronym Secure Socket Shell that names the SSH protocol. But what are the main elements that make up the technological solution? To answer the question, it is necessary to understand what characterizes the transport, authentication and connection layers and how each of them works.

Firstly, the transport layer is responsible for establishing secure communication between the client and the server. This layer, which works during and after authentication, optimizes data exchange by compressing and caching information, which increases the security of websites. It also oversees encryption, decryption and protection of the integrity of user data.

The authentication layer, in turn, has the function of communicating the available authentication methods to the client. Building on the transport layer, it also performs the process of authenticating a user, ensuring the efficiency of the IT system.

Finally, the connection layer has the job of managing the communication between machines; it operates after the transport and authentication layers.

For which cases is the SSH protocol indicated?

SSH is a versatile protocol. Its structure and security features allow it to be used in many ways such as for remote access, port forwarding, tunneling and secure file transfer. Check out some applications.

Remote Access

Remote access gives users a way to log in to another computer or server from their own machine. It is used to access the target machine’s local files or run services on it without having to be physically present.

Programs such as Telnet and rlogin also offer this functionality, but lack SSH's security features. The encryption and authentication measures in SSH allow users to connect to another server or computer securely, even over a potentially dangerous intermediate network.

Remote access with SSH is commonly implemented so that employees can work remotely, or to allow the IT department to perform tasks without having to physically go to the machine. It can be used for remote administration, managing network infrastructure, setting up automation, creating backups and much more.

Port Forwarding

Port forwarding is used to transfer requests from one address and port number to another. It applies network address translation to forward ports between a local network and a remote computer, allowing you to access a device from outside the network.

Encapsulation

Tunneling protocols, or encapsulation, are used for moving data between networks. “Tunnels” can be deployed to allow non-native protocols to run on networks that would not normally support them. Another common use is to provide security on a vulnerable network.

Tunneling protocols wrap critical packets inside the payload of another packet. SSH tunneling allows users to bypass network security, link devices using a non-native network protocol and secure the data being transmitted. It is often used to connect remote users securely to an organization’s online resources.

SFTP

The SSH File Transfer Protocol (SFTP), sometimes known as the Secure File Transfer Protocol, provides a secure way to access, transfer and manage files. It is a safe alternative to FTP and takes advantage of the SSH protocol to send, receive and manage files securely.

What are the advantages of the SSH protocol?

You must now be wondering what the advantages of SSH are for your company’s IT system, right? To answer the question, we made a list of the main characteristics of this protocol. See!

Cryptography

The list couldn’t start any other way, because one of the great advantages of the SSH protocol is the encryption of traffic. This feature allows users to act privately on the network, from transferring a file to browsing the web and executing commands. In addition, SSH keys provide single sign-on (SSO), making it possible to switch between accounts without having to enter multiple passwords.

Connection

Another important point about the SSH protocol is that Secure Shell guarantees connections to servers, so that changes can be made through the terminal or specific tools. In this way, SSH keys are used to automate access to servers from scripts, backup systems and configuration management tools.

Flexibility


Finally, flexibility is a strong advantage of SSH, which is used in scripts and other software to allow programs to access specific data. By guaranteeing encryption and connectivity, the protocol makes this action, performed remotely, completely safe for the user.

How to run the SSH protocol?

Now that you know the advantages of SSH, it is essential to understand how to run this protocol on Windows and Linux systems. Check it out!

SSH Protocol on Windows

The SSH protocol was initially available in the beta version of the Windows 10 Fall Creators Update. Installing the native feature is simple; just follow these steps:

  1. open Windows Settings;
  2. go to the “Applications” section;
  3. look for the “Applications and Features” section;
  4. click on “Manage Optional Features”;
  5. wait for the list to load and, if OpenSSH is not installed, click “Add a feature”;
  6. find the item “OpenSSH Client” and click on it (choose “OpenSSH Server” instead if you want the machine to act as an SSH server);
  7. click on “Install” to finish setting up the SSH protocol on Windows.

After enabling the SSH protocol, open the terminal, type “ssh user@server” at the prompt and press “Enter” to connect.

SSH protocol in Linux

For those who use Linux, it is necessary to follow this step by step to run the SSH protocol:

  1. install OpenSSH by opening a terminal and running the commands below with superuser permission;
  2. type the following commands in the terminal, one per line and without the quotes: “# chkconfig sshd on” and “# service sshd”;
  3. if you have a firewall, open the SSH port on it;
  4. navigate to “/opt/MicroStrategy/ServicesRegistration/yaml/” and open “installation_list.yaml”;
  5. modify the “Common Path” to the MicroStrategy Common Files installation directory, typing “/var/opt/MicroStrategy” instead;
  6. change the “InstallType” to “Port”, using the port number of your SSH server;
  7. modify the “Version” to use the MicroStrategy version number;
  8. navigate to “/opt/MicroStrategy/ServicesRegistration/jar” and run the command “# java -jar svcsreg-admin.jar parse SSH-Server” to generate a new JSON file on the SSH server;
  9. restart the MicroStrategy Services Registry with the command “# java -jar /ServicesRegistration/jar/svcsreg-admin.jar control consul restart”.

At the end, the user must open the “Topology” view on the workstation to start the services.

What is the difference between SSH protocol and FTP protocol?

First, we need to understand what FTP is. Transferring files over the network using the File Transfer Protocol has its roots in 1980, when the first RFC for the FTP protocol was published.

FTP provides functions for uploading, downloading and deleting files, creating and deleting directories, and reading directory contents. Although it is very popular, it has certain characteristics that make it difficult to use.

The main disadvantages are the lack of a uniform format for directory listings (this problem was partially solved by introducing the MLST command, but it is not supported by some servers) and the presence of a secondary connection — the DATA connection. FTP security is provided by using the SSL/TLS protocol for channel encryption. The secure version of FTP is called FTPS.

On UNIX systems, SSH grew into a security standard. Its main function was to secure remote access to the shell on UNIX systems. Later, SSH was extended with file transfer protocols — first SCP (in SSH 1.x), then SFTP (in SSH2).

The abbreviation SFTP is often mistakenly used to specify some sort of secure FTP, by which people most often mean FTPS. Another similar mistake is that SFTP is considered a type of FTP over SSL. In fact, SFTP is an abbreviation for “SSH File Transfer Protocol”.

SFTP is a binary protocol, the latest version of which is standardized in RFC 4253. All commands are packaged in binary messages and sent to the server, which responds with binary response packets.

In later versions, SFTP has been extended to provide not only file upload/download operations but also some file system operations, such as file locking, symbolic link creation, etc.

FTPS and SFTP use a combination of an asymmetric algorithm, symmetric algorithm, and key exchange algorithm.

An SSH key contains only one public key (the associated private key is stored separately). It does not contain information about the owner of the key, and it also lacks the information needed to securely validate its integrity and authenticity.

Some SSH software implementations use X.509 certificates for authentication, but they don’t actually validate the entire certificate chain — only the public key is used, which makes this authentication incomplete and similar to SSH key authentication.

What are the different types of encryption used by SSH?

To ensure the transmission of information, SSH employs different types of data manipulation techniques at various points in the transaction. Here’s how each works.

Symmetric

The relationship of the components that encrypt and decrypt data determines whether an encryption scheme is symmetric or asymmetric.

Symmetric encryption is a type of encryption where a key can be used to encrypt messages to the other party and also to decrypt messages received from the other party.

This type of encryption scheme is often called “shared secret” encryption or “secret key” encryption. There is usually just one key used for all operations, or a pair of keys where the relationship is easy to discover and it is trivial to derive the opposite key.

Symmetric keys are used by SSH to encrypt the entire connection. Contrary to what some users assume, the asymmetric public/private key pairs that can be created are only used for authentication, not for encrypting the connection. Symmetric encryption allows even password authentication to be protected from eavesdropping.

The client and server contribute to the establishment of this key, and the resulting secret is never known to a third party. The secret key is created through a process known as a key exchange algorithm. This exchange makes the server and client independently arrive at the same key, sharing certain public data and manipulating it with certain secret data.

The symmetric encryption key created by this procedure is session-based and is used for the actual encryption of data sent between the server and the client. Once it is established, the rest of the data must be encrypted with this shared secret. This is done before the client is authenticated.

Asymmetric

Asymmetric encryption differs from symmetric encryption in that two associated keys are required to send data in a single direction. One of these keys is known as the private key, while the other is called the public key.

The public key can be shared freely with any party. It is associated with its paired private key, but the private key cannot be derived from the public key. The mathematical relationship between the two allows the public key to encrypt messages that can only be decrypted by the private key.

This is a one-way ability: the public key cannot decrypt the messages it encrypts, nor can it decrypt anything the private key might send it.

The private key must be kept secret and must never be shared with another party. This is a fundamental requirement for the public key paradigm to work. By virtue of this fact, any entity capable of decrypting these messages has demonstrated that it is in control of the private key.

SSH uses asymmetric encryption in a few different places. It is used during the initial key exchange that sets up the symmetric encryption applied to the session. At this stage, both parties produce temporary key pairs and exchange the public keys to produce the shared secret that will be used for symmetric encryption.

The best-known use of asymmetric encryption with SSH is SSH key-based authentication. SSH key pairs can be used to authenticate a client to a server. The client creates a key pair and then uploads the public key to any remote server it wants to access.

After symmetric encryption is established to secure the communication between the server and the client, the client must authenticate to be granted access.

The server can use the uploaded public key to encrypt a challenge message for the client. If the client can prove that it was able to decrypt this message, it has demonstrated that it holds the associated private key. The server can then set up the environment for the client.

Hashing

Another form of data manipulation that SSH takes advantage of is cryptographic hashing. Cryptographic hash functions are methods for creating a succinct “signature” or summary of a set of information. Their main distinguishing attributes are that they cannot be reversed, are practically impossible to influence predictably, and are unique.

Using the same hashing function on the same message should always produce the same hash; modifying any part of the data should produce a different hash. A user should not be able to recover the original message from a given hash, but must be able to check whether a given message produced a given hash.

Given these properties, hashes are primarily used for data integrity purposes and to verify the authenticity of the communication.

As part of the symmetric cryptography negotiation described above, a message authentication code (MAC) algorithm is selected. The algorithm is chosen by working through the client’s list of acceptable MAC choices. The first in the list that the server supports will be used.

Each message sent after encryption is negotiated must contain a MAC so that the other party can verify the integrity of the packet. The MAC is calculated from the symmetric shared secret, the message packet sequence number, and the actual message content.
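The two mechanisms described above (a key exchange in which client and server each combine public data with their own secret to arrive at the same session key, and a per-packet MAC computed over the shared secret, the sequence number and the packet contents) can be sketched with the Python standard library. This is an added illustration, not code from the article: it uses the 1024-bit MODP modulus of Oakley group 2 (RFC 2409), which is the group behind SSH's diffie-hellman-group1-sha1 method, plain SHA-256 as the key derivation, and HMAC-SHA256 as the MAC; the packet bytes are constructed sample data.

```python
import hashlib
import hmac
import secrets
import struct

# 1024-bit MODP prime (Oakley group 2, RFC 2409), the group used by SSH's
# diffie-hellman-group1-sha1 method. Shown only to illustrate the exchange;
# current SSH deployments prefer larger groups or curve25519.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF",
    16,
)
G = 2


class Party:
    """One end of the exchange: keeps a secret exponent, publishes g^x mod p."""

    def __init__(self):
        self.secret = secrets.randbelow(P - 2) + 1  # never leaves this object
        self.public = pow(G, self.secret, P)         # safe to send in the clear

    def session_key(self, peer_public: int) -> bytes:
        # Both sides compute (g^y)^x = (g^x)^y mod p and hash it into a key.
        shared = pow(peer_public, self.secret, P)
        return hashlib.sha256(shared.to_bytes(128, "big")).digest()


def key_exchange():
    """Run one exchange and return (client_key, server_key)."""
    client, server = Party(), Party()
    return client.session_key(server.public), server.session_key(client.public)


def compute_mac(key: bytes, seq: int, packet: bytes) -> bytes:
    """SSH-style MAC: HMAC over the 32-bit sequence number and the packet."""
    return hmac.new(key, struct.pack(">I", seq) + packet, hashlib.sha256).digest()


class Receiver:
    """Tracks the expected sequence number; rejects forged or replayed packets."""

    def __init__(self, key: bytes):
        self.key = key
        self.seq = 0

    def accept(self, packet: bytes, mac: bytes) -> bool:
        expected = compute_mac(self.key, self.seq, packet)
        if not hmac.compare_digest(expected, mac):
            return False  # tampered content, wrong key or replayed sequence number
        self.seq = (self.seq + 1) & 0xFFFFFFFF
        return True


def demo() -> dict:
    """Exercise the exchange and the MAC check; returns what was accepted."""
    client_key, server_key = key_exchange()
    rx = Receiver(server_key)
    pkt = b"channel data: uptime\n"  # constructed sample payload
    first = compute_mac(client_key, 0, pkt)
    return {
        "keys_match": client_key == server_key,
        "genuine": rx.accept(pkt, first),
        "replayed": rx.accept(pkt, first),  # same MAC again: seq is now 1
        "tampered": rx.accept(pkt + b"x", compute_mac(client_key, 1, pkt)),
        "next_ok": rx.accept(pkt, compute_mac(client_key, 1, pkt)),
    }


if __name__ == "__main__":
    print(demo())
```

Because the sequence number is part of the MAC input, a captured packet re-sent later fails verification even though its content and MAC are unchanged.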

What tools are needed for an SSH client?

There are many reasons why one would need to use an SSH client. Generally speaking, we use them to access systems at a remote location. The following are some of the tools available as SSH clients.

MobaXterm

MobaXterm offers a complete remote management solution, but it has one downside: it’s not open source. However, there is a free version available which, while not as feature-rich, still contains a huge amount of functionality.

It can establish graphical remote desktop connections to Windows and Linux computers. In fact, it has a built-in VNC client to connect to any VNC-capable computer.

It also has a graphical SFTP browser for easy file transfer to and from the remote computer. Other advanced features include a full X server with X11 forwarding and plugin support. You can choose to download the installer version.

You simply install it like any other Windows application. Alternatively, there is also a portable version. You download it as a zip file containing the MobaXterm executable and do not need to install it. Copy it to a USB key and use it anywhere.

The free version has the following limitations:

    • the maximum number of simultaneous sessions is 12;
    • you can set at most 2 SSH tunnels;
    • there is a limit of 4 macros;
    • there is a time limit of 360 seconds for TFTP, NFS and Cron.


SmarTTY

SmarTTY is a free SSH client that supports copying files and directories with SCP and editing files in-place. It is one of the best SSH clients for Windows. It may not be as complete as MobaXterm, but it has everything needed to remotely manage a device.

With most SSH servers supporting up to 10 sub-sessions per connection, SmarTTY allows users to open them in a new tab without having to log in again.

In addition, SmarTTY has a Windows-style graphical file transfer utility that allows you to transfer files to and from the remote computer. Entire directories can be transferred as easily as individual files.

Another great feature of SmarTTY, especially for performing quick administrative tasks on remote devices, is the in-place editor. When browsing remote files, you have the option to edit them right from the software. There is no need to download the file, edit it locally and send it back.

Why hire a hosting company to optimize the SSH protocol?

Without a doubt, SSH is an important tool used to ensure a high level of security for websites. Therefore, if you are looking for a hosting partner to set up a website, it is critical to find out if they include this important feature in the package.

Relying on such a hosting company allows IT departments to enjoy the benefits of SSH key management without the disadvantages and overhead of managing keys manually.

In this sense, IT managers grant access to hosted devices and users generate their own SSH keys. The user stores the private key in their system and uploads the public key to the provider’s user portal.

When this public key is successfully uploaded to the user portal, it is automatically distributed to the cloud infrastructure to which the individual user has been granted access. This allows users to access all of their IT resources with a single set of credentials, as before, but this time from the cloud.

In summary, understanding the basics of the SSH protocol can help IT managers understand the security features it offers. Many professionals still consider this process complex, but it is simpler than it may seem.

Even if you are not an advanced systems administrator, the SSH protocol is an invaluable resource for all types of small tasks, and should be part of your toolkit.

Does your business already have a hosting provider that supports the SSH protocol? Contact us and learn how we can optimize and positively transform your reality!
