SSH - kitiya/react-29 GitHub Wiki

The SSH protocol

The SSH protocol uses encryption to secure the connection between a client and a server. All user authentication, commands, output, and file transfers are encrypted to protect against attacks in the network.

SSH vs SSL/TLS – What are Differences and Similarities?

SSH and SSL/TLS generally have different purposes. SSH is often used by network administrators for tasks that a normal internet user would never have to deal with. SSL/TLS, on the other hand, is used by the average internet user all the time. Any time someone uses a website with a URL that starts with HTTPS, he is on a site with SSL/TLS.

SSH SSL/TLS
Abbreviation Secure Shell Secure Socket Layer/Transport Socket Layer
Port SSH runs on port 22 SSL runs on port 443
Usage For securely executing commands on a server. For securely communicating personal information.
Application For encrypting communication between two computers (host & client). For encrypting communication between browser and server
It is used to reduce security threats for remote server login It allows secure transition of data between a server and the browser thus, keeps information intact.
Adopted by industry Widely adopted by networking industry Widely used by e-commerce, banking, social media, government, healthcare, etc.
Authentication Via 1. public-key / private-key pair or 2. user-id / password pair Via public-key / private-key pair
a username/password authentication system to establish a secure connection. Normally uses X.509 digital certificates for server and client authentication.
SSH is working based on network tunnels. SSL is working based on digital certificates.
SSH follows authentication process by server’s verification done by client, session key generation, and client’s authentication SSL follows authentication process by exchange of digital certificate
Protocol SSH is a remote protocol SSL is a security protocol
Data integrity Measured with algorithms like SHA, SHA-2, SHA-256 Measured with the message digest and added to encrypted data before the data is sent.

SSH Commands

Command Desc
ssh {user}@{serverip} access remote server
ls Show directory contents (list the names of files).
cd Change Directory.
mkdir Create a new folder (directory).
touch Create a new file.
rm Remove a file.
cat Show contents of a file.
pwd Show current directory (full path to where you are right now).
cp Copy file/folder.
mv Move file/folder.
grep Search for a specific phrase in file/lines.
find Search files and directories.
vi/nano Text editors.
history Show last 50 used commands.
clear Clear the terminal screen.
tar Create & Unpack compressed archives.
wget Download files from the internet.
du Get file size.

Other commands / resources

How SSH Works

There are 3 techniques used in SSH:

  1. Symmetrical Encryption
  2. Asymmetrical Encryption
  3. Hashing

Symmetrical Encryption

Symmetric encryption uses one secret key for both the encryption and decryption by both parties. With symmetric encryption, anyone who possesses a key can decrypt the message being transferred.

Symmetric keys are used to encrypt the entire communication during a SSH Session. Both the client and the server derive the secret key using an agreed method, and the resultant key is never disclosed to any third party. The process of creating a symmetric key is carried out by a key exchange algorithm.

What makes this algorithm particularly secure is the fact that the key is never transmitted between the client and the host. Instead, the two computers share public pieces of data and then manipulate it to independently calculate the secret key. Even if another machine captures the publically shared data, it won’t be able to calculate the key because the key exchange algorithm is not known.

Asymmetrical Encryption

Unlike symmetrical encryption, asymmetrical encryption uses two separate keys for encryption and decryption. These two keys are known as the public key and the private key. Together, both these keys form a public-private key pair.

The public key, as the name suggest is openly distributed and shared with all parties. While it is closely linked with the private key in terms of functionality, the private key cannot be mathematically computed from the public key. The relation between the two keys is highly complex: a message that is encrypted by a machine’s public key, can only be decrypted by the same machine’s private key. This one-way relation means that the public key cannot decrypt its own messages, nor can it decrypt anything encrypted by the private key.

Unlike the general perception, asymmetrical encryption is not used to encrypt the entire SSH session. Instead, it is only used during the key exchange algorithm of symmetric encryption.

Hashing

One-way hashing is another form of cryptography used in Secure Shell Connections. One-way-hash functions differ from the above two forms of encryption in the sense that they are never meant to be decrypted. They generate a unique value of a fixed length for each input that shows no clear trend which can be exploited. This makes them practically impossible to reverse.

It is easy to generate a cryptographic hash from a given input, but impossible to generate the input from the hash. This means that if a client holds the correct input, they can generate the crypto-graphic hash and compare its value to verify whether they possess the correct input.

SSH into a Server