Secure Shell (SSH)

Secure Shell (SSH) is a program that enables a user or application to log on to another computer over a network, execute commands, and manage files. It provides strong authentication methods and secure communications over insecure channels. With the SSH slogin command, the entire login session, including the password, is encrypted and protected against attack.

SSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks, such as IP spoofing, IP source routing, and DNS spoofing. When you implement SSH with encryption, any attacker who has managed to gain access to your network can only force SSH to disconnect. They cannot play back the traffic or hijack the connection.

Secure Shell works with many different operating systems, including Windows, UNIX, and Macintosh systems.

SSH1 and SSH2

There are two versions of Secure Shell available: SSH1 and SSH2.SSH1 and SSH2 are two different protocols and encrypt different parts of the data packet. SSH2 is more secure. To authenticate systems, SSH1 employs user keys, to identify users; host keys, to identify systems; session keys, to encrypt communication in a single session; and server keys, which are temporary keys that protect the session key. SSH2 does not use server keys. SSH2 includes a secure replacement for FTP called secure file transfer protocol (SFTP). Because of the different protocol implementations, SSH1 and SSH2 are not compatible with each other.

NOTE: that the SFTP acronym is used both for Secure File Transfer Protocol as well as for the obsolete Simple File Transfer Protocol.