Ssh Protocol; Features Of Ssh; Why Use Ssh - Red Hat ENTERPRISE LINUX 4.5.0 Reference Manual

Chapter 20.

SSH Protocol

SSH™ (or Secure SHell) is a protocol which facilitates secure communications between two
systems using a client/server architecture and allows users to log into server host systems
remotely. Unlike other remote communication protocols, such as FTP or Telnet, SSH encrypts
the login session, making it impossible for intruders to collect unencrypted passwords.
SSH is designed to replace older, less secure terminal applications used to log into remote
hosts, such as
telnet
to copy files between hosts, such as
passwords transmitted between the client and the server, avoid them whenever possible. Using
secure methods to log into remote systems decreases the risks for both the client system and
the remote host.

1. Features of SSH

The SSH protocol provides the following safeguards:
• After an initial connection, the client can verify that it is connecting to the same server it had
connected to previously.
• The client transmits its authentication information to the server using strong, 128-bit
encryption.
• All data sent and received during a session is transferred using 128-bit encryption, making
intercepted transmissions extremely difficult to decrypt and read.
• The client can forward X11
forwarding, provides a secure means to use graphical applications over a network.
Because the SSH protocol encrypts everything it sends and receives, it can be used to secure
otherwise insecure protocols. Using a technique called port forwarding, an SSH server can
become a conduit to securing otherwise insecure protocols, like POP, and increasing overall
system and data security.
Red Hat Enterprise Linux includes the general OpenSSH package (
OpenSSH server (
openssh-server
chapter titled OpenSSH in the Red Hat Enterprise Linux System Administration Guide for
instructions on installing and deploying OpenSSH. Note, the OpenSSH packages require the
OpenSSL package (
openssl
OpenSSH to provide encrypted communications.

1.1. Why Use SSH?

Nefarious computer users have a variety of tools at their disposal enabling them to disrupt,
intercept, and re-route network traffic in an effort to gain access to a system. In general terms,
1
X11 refers to the X11R6.7 windowing display system, traditionally referred to as the X Window System or X. Red Hat
Enterprise Linux includes XFree86, an open source X Window System.
or . A related program called
rsh
. Because these older applications do not encrypt
rcp
1
applications from the server. This technique, called X11
) and client (
) which installs several important cryptographic libraries, enabling
replaces older programs designed
scp
openssh
) packages. Refer to the
openssh-clients
) as well as the
355