Introduction to SSH

Secure Shell (SSH) is a combination of client and server software that transparently encrypts and decrypts the data flowing between hosts on a network. SSH provides a suite of secure network commands that you can use in addition to, or in place of, traditional nonsecure network commands like TELNET and FTP.

Secure Shell commands create a secure connection between systems running the Secure Shell client and server software. The connection is protected by the following security methods:

  • Authentication -- Secure Shell servers and clients use an authentication method to reliably determine each other's identity and the user's identity.

  • Data encryption -- Secure Shell servers and clients exchange encrypted data. Data encryption is transparent to the user.

The Secure Shell Server

A Secure Shell server (SSH server) is a system on which the system manager installs and runs the Secure Shell server software.

The SSH server accepts or rejects incoming connections from SSH clients on remote hosts. The SSH server listens on the port defined for the TCP/IP SSH service (port 22 by default). When a connection request occurs, the auxiliary server creates a new server process that controls all data exchanges over the new connection.

The SSH server provides the following functions:

  • Secure remote user login

  • Secure file transfer between remote computers

  • Remote command execution

For all of these functions, the entire login and data transfer sessions, including user identification information, are secured through user authentication and data encryption.

The Secure Shell Client

A Secure Shell client (SSH client) is a system on which the system manager installs the Secure Shell client software.

SSH commands invoke the following SSH utilities:

  • The SCP and SFTP commands copy files to and from an SSH server.

  • The SSH command logs in to a remote server and performs remote command execution (tunnelling).

  • The SSH key management utilities generate public-private key pairs and manipulate keys.

These commands and utilities are described in Chapter 7.

NOTE: SSH for OpenVMS software is based on SSH2 software from SSH Communications Security version 3.2.1. In the OpenVMS implementation, the commands SSH, SCP, and SFTP mean the same as SSH2, SCP2, and SFTP2. You can use either set of commands with SSH for OpenVMS. For more information about these commands, enter the DCL HELP command. For example:
$ HELP SSH