SSH. In simple words about complicated stuff
SSH, or Secure Shell, is a data transfer protocol that lets you manage an operating system and its data in a safe and protected way. It is an application-layer network protocol that encrypts the transferred data and passwords. It can also carry (tunnel) any other network protocol.
The first version of the SSH protocol was designed in 1995. Over time some weak spots were revealed, and the protocol underwent significant changes. Just a year later, in 1996, the second version of the protocol (SSH-2) came into the world. The new version is not compatible with the old one, so today when someone talks about SSH, they always mean SSH-2. Since then SSH hasn’t changed its standards, and it is broadly used nowadays.
SSH is a purely commercial product and you pay to get it. However, its free version – OpenSSH – is widely available now. Although OpenSSH is just one of the SSH versions, programmers use it far more often. Some people even consider it safer and more convenient to use thanks to its open source code.
Advantages of SSH
- Allows you to work with your computer remotely through a shell.
- Lets you encrypt traffic using a choice of various algorithms.
- Since SSH guarantees safe transfer of any network protocol, it allows you to transfer audio and video files through the encrypted channel.
- Compresses files before they are encrypted and transferred.
- Protects data in transit through the channel, preventing both intrusion into an ongoing session and capture of the data.
Software necessary to work with SSH
To work with SSH you need an SSH server and an SSH client.
An SSH server accepts connections from clients’ devices and authenticates them. Authentication can be carried out in three different ways:
- Using the client’s IP address – in this case SSH tries several checking methods. This is not the safest way of authentication because the IP address can be substituted (spoofed).
- Using the client’s public key. The scheme is almost the same as with the client’s IP address, but in this case the client’s public key and their name are verified.
- Using the client’s password – a frequently used method of authentication. The password is encrypted while it is being transferred.
The main SSH server software, by platform:
- BSD: OpenSSH
- Linux: dropbear, lsh-server, openssh-server, ssh
- Windows: freeSSHd, copssh, WinSSHD, KpyM Telnet/SSH Server, MobaSSH, OpenSSH
An SSH client is used to log in directly to a remote server and carry out various tasks:
- Working with files and directories
- Viewing and editing files
- Monitoring work processes
- Working with archives
- Working with MySQL databases
SSH clients and their shells:
- GNU/Linux, BSD: kdessh, lsh-client, openssh-client, putty, ssh, Vinagre
- MS Windows and Windows NT: PuTTY, SecureCRT, ShellGuard, Axessh, ZOC, SSHWindows, ProSSHD, XShell
- MS Windows Mobile: PocketPuTTy, mToken, sshCE, PocketTTY, OpenSSH, PocketConsole
- Mac OS: NiftyTelnet SSH
- Java: MindTerm, AppGate Security Server
- iPhone: i-SSH, ssh (in a package with Terminal)
- Android: connectBot
Although there are a lot of SSH clients, the most popular and widely used ones are PuTTY and SecureCRT. PuTTY is preferable as it is free of charge.
For those interested: personally I use a free WinSCP program for a server connection (free graphical client of the SFTP and SCP protocols) – the PuTTY agent which is very convenient when working with the SSH protocol. I emphasize that if you don’t want your websites to get infected with a virus or anything else, you’d better start using WinSCP straightaway instead of usual FTP clients (FileZilla). This way you can be sure that your passwords are safe.
Working safe with SSH
To use SSH safely, a so-called SSH tunnel is created. It is built on top of SSH and secures data transfer through internet channels. The information transferred is encrypted at one end of the tunnel and decrypted at the other.
To secure your data you should observe certain rules when working with SSH:
- Prohibit the possibility of remote root-access
- Prohibit connection via an empty password and passwordless connection
- Choose a nonstandard port for an SSH server
- Use long SSH2 RSA keys
- Restrict the number of IP addresses from which the access is possible
- Prohibit access from dangerous addresses
- Monitor messages about authentication errors regularly
- Install intrusion detection systems – IDS
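Several of these rules can be checked mechanically against the server configuration. The following is an added example, not part of the original article: a small Python audit of the global section of an OpenSSH sshd_config for the root-login, empty-password, port and address-restriction rules. The sample configuration, the function names and the choice of AllowUsers as the address restriction are assumptions made for illustration.

```python
# Added example: audit an sshd_config text against the rules listed above.
# SAMPLE_CONFIG is constructed for illustration, not taken from a real host.
SAMPLE_CONFIG = """\
# constructed sample
Port 22
PermitRootLogin yes
permitemptypasswords no
PermitRootLogin no
AllowUsers deploy@203.0.113.10
"""

# OpenSSH defaults that apply when a keyword is absent from the file.
DEFAULTS = {"port": ["22"], "permitrootlogin": ["prohibit-password"],
            "permitemptypasswords": ["no"], "allowusers": []}
CUMULATIVE = {"port", "allowusers"}  # keywords that may appear several times

def parse_global(text):
    """Return {keyword: [values]} for the lines before the first Match block."""
    seen = {}
    for raw in text.splitlines():
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue
        key, values = parts[0].lower(), parts[1:]  # keywords are case-insensitive
        if key == "match":
            break  # per-user/per-host overrides are out of scope here
        if key in CUMULATIVE:
            seen.setdefault(key, []).extend(values)
        elif key not in seen:  # sshd keeps the first value it reads
            seen[key] = values
    return {**DEFAULTS, **seen}

def audit(text):
    """Return a list of findings; an empty list means every check passed."""
    cfg, findings = parse_global(text), []
    if cfg["permitrootlogin"] != ["no"]:
        findings.append("root login not fully disabled")
    if cfg["permitemptypasswords"] != ["no"]:
        findings.append("empty passwords allowed")
    if "22" in cfg["port"]:
        findings.append("listening on default port 22")
    if not any("@" in user for user in cfg["allowusers"]):
        findings.append("no AllowUsers user@host restriction")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print("FINDING:", finding)
```

In the sample, the second PermitRootLogin line has no effect because sshd uses the first value it reads for a keyword, so the audit still reports root login as enabled.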
It’s a shame but not every hosting company nowadays supports SSH. If you own just one website and you don’t really get what SSH is about and why it is necessary to have one, then maybe you don’t need SSH that much. Whereas if you are an experienced user who would spend tons of time in front of the computer while waiting for the server to carry out file exchange through FTP, then it’s highly probable that you have been dreaming about SSH your whole ftp-exchange life.
It’s a very convenient thing, really, and you will soon be convinced of it. There will come a moment when you need to move your project, or several projects, from the local server to the server of a hosting provider, or from the server of one hosting provider to the server of another. Here SSH will come in handy.
What is more, SSH allows you to edit files on the server and delete them with just one click.
This is what makes hosting with SSH so desirable. Pay attention to this parameter when choosing a hosting provider. Believe me, it will save you loads of time and nerves, and it will also protect you from data loss.