# SSH - Secure Shell Protocol
## What is SSH
SSH, the Secure Shell Protocol, is a cryptographic network protocol for operating network services securely over an unsecured network. It provides encrypted, authenticated communication between two hosts that need not trust the network between them. SSH is most commonly used to log into remote computers and execute commands, but it also supports secure file transfer and tunneling of other protocols. SSH was developed in 1995 as a secure replacement for Telnet and other unencrypted remote access protocols. It uses TCP port 22 by default.
## How SSH Works
SSH uses public key cryptography to authenticate the remote computer and optionally to authenticate the user. When an SSH connection is established, the server presents its public key to the client. The client verifies this key against its list of known hosts. If the key is recognized, the connection proceeds. If the key is new, the client asks the user to verify it. Once the server is authenticated, the client and server negotiate encryption algorithms and exchange session keys to encrypt all subsequent communication.
User authentication in SSH can use passwords or public key authentication. With password authentication, the password is sent inside the already-encrypted session, so it is protected on the wire but still reaches the server as a reusable secret. With public key authentication, the user has a key pair consisting of a private key stored on the client and a public key stored in the authorized_keys file on the server. The client proves possession of the private key without transmitting it, providing strong authentication without password transmission.
## SSH Key-Based Authentication
Key-based authentication is more secure than password authentication because it eliminates the risk of password interception and brute force attacks. To set up key-based authentication, the user generates a key pair using ssh-keygen. The private key is kept securely on the client computer and protected by a passphrase. The public key is copied to the server and added to the authorized_keys file. When connecting, SSH proves possession of the private key through a challenge-response mechanism without revealing the key itself.
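The challenge-response step described above (and in the authentication paragraph earlier) is, concretely, the client signing a message that is bound to the current session. The following added example, written for this page and not taken from any SSH implementation, builds that signed message for an ssh-ed25519 key in the layout RFC 4252 section 7 specifies and shows the server-side check against the key from authorized_keys. The session identifier is a constructed placeholder; in a real connection it is the exchange hash from key exchange.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

// sshString encodes data as an SSH "string": big-endian uint32 length, then the bytes (RFC 4251).
func sshString(b []byte) []byte {
	out := make([]byte, 4+len(b))
	binary.BigEndian.PutUint32(out, uint32(len(b)))
	copy(out[4:], b)
	return out
}

// publicKeyBlob is the wire form of an ssh-ed25519 public key: string "ssh-ed25519", string key bytes.
func publicKeyBlob(pub ed25519.PublicKey) []byte {
	return append(sshString([]byte("ssh-ed25519")), sshString(pub)...)
}

// authSignedData is the exact byte string the client signs for "publickey" authentication (RFC 4252 §7).
func authSignedData(sessionID []byte, user string, pub ed25519.PublicKey) []byte {
	var buf bytes.Buffer
	buf.Write(sshString(sessionID)) // binds the signature to this one connection
	buf.WriteByte(50)               // SSH_MSG_USERAUTH_REQUEST
	buf.Write(sshString([]byte(user)))
	buf.Write(sshString([]byte("ssh-connection")))
	buf.Write(sshString([]byte("publickey")))
	buf.WriteByte(1) // boolean TRUE: a signature is included
	buf.Write(sshString([]byte("ssh-ed25519")))
	buf.Write(sshString(publicKeyBlob(pub)))
	return buf.Bytes()
}

// ClientSign runs on the client: the private key signs the data and never leaves the machine.
func ClientSign(priv ed25519.PrivateKey, sessionID []byte, user string) []byte {
	pub := priv.Public().(ed25519.PublicKey)
	return ed25519.Sign(priv, authSignedData(sessionID, user, pub))
}

// ServerVerify runs on the server with the public key found in the user's authorized_keys.
func ServerVerify(pub ed25519.PublicKey, sessionID []byte, user string, sig []byte) bool {
	return ed25519.Verify(pub, authSignedData(sessionID, user, pub), sig)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	sid := []byte("constructed-session-id") // placeholder for the real exchange hash
	sig := ClientSign(priv, sid, "alice")
	fmt.Println("same session:", ServerVerify(pub, sid, "alice", sig))
	fmt.Println("other session:", ServerVerify(pub, []byte("other"), "alice", sig)) // replay fails
}
```

Because the session identifier is part of the signed data, a signature observed in one session cannot be replayed to authenticate in another, which is why the private key's secrecy, not the channel, is what the scheme rests on.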
## SCP and SFTP
SSH includes two protocols for secure file transfer. SCP, Secure Copy Protocol, allows files to be copied between systems over an SSH connection. SFTP, SSH File Transfer Protocol, is a more complete file transfer subsystem that runs over SSH and provides full file management capabilities including directory listing, file creation and deletion, and permission management.
## SSH Tunneling
SSH can tunnel other protocols through its encrypted connection, a feature called port forwarding. Local port forwarding allows a port on the local machine to be forwarded through the SSH connection to a port on the remote machine or beyond. Remote port forwarding allows a port on the remote machine to be forwarded to the local machine. Dynamic port forwarding creates a SOCKS proxy that allows arbitrary TCP connections to be tunneled through SSH. These capabilities make SSH useful not only for remote access but also for securely accessing services that would otherwise be inaccessible.