What is SSH

SSH is the abbreviation for secure Shell, developed by the IETF Network Working Group, and SSH is a security protocol based on the application layer and transport layer. SSH is currently a more reliable protocol that provides security for Telnet sessions and other network services. The use of SSH protocol can effectively prevent the information leakage in the remote management process.

Traditional Web services such as FTP, pop, and telnet are inherently insecure because they transmit passwords and data in plaintext on the network, and it is very easy for an ulterior motive to intercept the passwords and data. Moreover, the security authentication methods of these service programs also have their weaknesses, that is, it is very easy to be attacked by the "man in the Middle" (man-in-the-middle) way. The so-called "middleman" attack means that the "middleman" pretends to be the real server to receive the data you pass to the server, and then impersonate you to pass the data to the real server. The data transfer between the server and you is a very serious problem after the hands and feet of the "middleman". By using SSH, you can encrypt all the transmitted data so that the "man-in-the-middle" attack is not possible, and it can prevent DNS spoofing and IP spoofing. An additional benefit of using SSH is that the transmitted data is compressed so that the transfer speed can be speeded up. SSH has many functions, which can replace Telnet and provide a secure "channel" for FTP, PoP, and even PPP.

From the client side, SSH provides two levels of security validation. First level (password-based security authentication)As long as you know your account number and password, you can log on to the remote host. All transmitted data will be encrypted, but there is no guarantee that the server you are connecting to is the one you want to connect to. There may be other servers impersonating a real server, which is an attack by the "middleman". Second level (key-based security verification)You need to rely on the key, which means you have to create a pair of keys for yourself and place the public key on the server you need to access. If you are connecting to an SSH server, the client software makes a request to the server requesting security verification with your key. After the server receives the request, look for your public key in your home directory on the server and compare it to the public key you sent. If the two keys are consistent, the server encrypts the "Challenge" (challenge) with a public key and sends it to the client software. After the client software receives a "challenge", it can use your private key to decrypt it and send it to the server. In this way, you must know the password of your secret key. However, the second level does not require a password to be sent over the network compared to the first level.

What is SSH