Secure shell
| Application layer | HTTP, SMTP, FTP, SSH, IRC, SNMP, SIP, RTP, ... |
| Transport layer | TCP, UDP, SCTP, DCCP, ... |
| Network layer | IPv4, IPv6, ICMP, ARP, ... |
| Data link layer | Ethernet, Wi-Fi, Token ring, FDDI, ... |
| Physical layer | RS-232, RS-449, ... |
In computing, Secure shell or SSH is both a computer program and an associated network protocol designed for logging into and executing commands on a networked computer. The designers of SSH aimed to replace the earlier rlogin, telnet and rsh protocols, and the resultant protocol provides secure encrypted communications between two untrusted hosts over an insecure network. Users of SSH can also use it for tunnelling, forwarding X11 connections and arbitrary TCP ports over the resultant secure channel; and can transfer files using the associated scp or sftp programs. An ssh server, by default, listens on the standard TCP port 22.
Tatu Ylönen from Espoo, Finland, designed the first version of the protocol (now called SSH-1) in 1995 and also wrote the first software to utilise it. He soon formed a company called SSH Communications Security to exploit this innovation. The original version of the SSH software used various pieces of free software, such as GNU libgmp, but later versions released by SSH Secure Communications evolved into increasingly proprietary software. SSH Communications Security subsequently relicensed SSH to F-Secure (formerly known as Data Fellows). SSH Secure Communications has a USA subsidiary in Palo Alto, California.
A later version of the protocol appeared under the name SSH-2. The IETF "secsh" working group has started to standardise SSH-2, which features both security and feature improvements over SSH-1. Better security, for example, comes through Diffie-Hellman key exchange and strong integrity checking via MACs. New features of SSH-2 include the ability to run any number of shell sessions over a single SSH connection. [1]
The ssh program commonly appears for use in Unix shells for client connections. It generally links to by a daemon such as sshd for accepting remote connections. Implementations of SSH exist for most modern platforms, including Microsoft Windows (PuTTY has become a very popular Windows implementation) and Mac OS. Commercial versions, freeware versions, and open source versions all exist.
Table of contents |
List of implementations
- Lsh, the GNU Project's implementation of SSH (client and server)
- OpenSSH, an open source implementation of SSH. OpenSSH derives from the original, free implementation of SSH. (client and server)
- PuTTY (client)
- SSH Tectia Client [2]
- PenguiNet [3]
- SSHDOS [4]
- WinSCP [5] (file transfer client)
- JavaSSH [6]
- Dropbear, small client and server for POSIX systems
- Idokorro Mobile SSH [7] an implementation of SSH for the RIM BlackBerry and mobile phone
See also
- The Corkscrew tool enables a user to run SSH over HTTPS proxy servers.
- Connect.c consists of a small C program which enables users to run SSH over HTTPS proxy servers.
- Proxytunnel, another program, offers more generic capabilities.
- autossh, Automatically restarts SSH sessions and tunnels
References
- Daniel J. Barrett, Ph. D. and Richard E. Silverman, SSH: The Secure Shell The Definitive Guide, O'Reilly, 2001. ISBN 0596000111 [8].
External links
- Info about SSH
- IETF working group (for SSH-2)
This article was originally based on material from the Free On-line Dictionary of Computing, which is licensed under the GFDL.
Categories: Cryptographic protocols | Cryptographic software | Internet protocols