SSH (Secure Shell) is a cryptographic network protocol used for secure remote login and command execution over insecure networks. It establishes a protected channel by encrypting all transmitted data, including credentials and session content. This makes it the industry standard for managing servers and network infrastructure.
How it works
The protocol operates on a client-server model using public-key cryptography for authentication. Users authenticate via passwords or, more securely, using SSH key pairs (RSA or Ed25519). Once the identity is verified, a secure session is established using symmetric encryption like AES or ChaCha20 to ensure data integrity and confidentiality.
- Remote system administration and shell access.
- Secure file operations via
SFTPandSCP. - Creating encrypted tunnels to forward local or remote TCP ports.
A typical security fact: using ssh-keygen to generate Ed25519 keys provides high security with short key lengths. Hardening a server usually involves disabling root login and enforcing key-based authentication to mitigate 99% of automated brute-force attempts.