SSH (Secure Shell Protocol) — is a protocol for secure access to remote systems. It belongs to the applications as well as http, smtp, snmp, FTP, Telnet etc. It runs on port 22 and the port can be changed when configuring the ssh protocol.
Unlike the Telnet protocol, ssh sends encrypted traffic that is protected with an encryption key.
How SSH works
The protocol uses encryption keys to work and transfer data in encrypted form. Thanks to the encryption, an attacker who intercepted the flow of encrypted data will take several years to decrypt it, thereby losing validity time of the data.
SSH key - a sequence of random characters. It encrypts the data and sends it to the endpoint after encryption.
The protocol uses asymmetric encryption.
Asymmetric encryption - using two keys to encrypt and decrypt data.
Public key - this key encrypts the data, it can be sent to the other party which has to send the encrypted messages/data.
Private key - this key decrypts data, it must be stored in a safe place. There is an opportunity to encrypt the private key, using the passphrase when you create a key.
Example of SSH protocol using SSH key
Connection between the server and the client works when the ssh protocol configuration file is installed on the server and the appropriate ports are open. The client is required to send a public key to the server so that it can encrypt the data back for remote connections through the encrypted channel. When sending a connection request from the client to the server, the data is encrypted using the private key which is held only by the client, then the traffic flows through the network to the server, the server sends back the response to receive the data in encrypted form, and sends back the encrypted traffic using the public encryption key.
The client can be any device that has access to the Internet, as well as a client ssh application.
- Laptop (on Linux; MacOS; Windows)
- Android device
- IOS devices can also act as a client, ssh client needs to be installed.