Important things to know about SSH

This is a follow-up post for the hub “Tips on Website Security - use SSH”. If you are a regular visitor of my hubs, then you may have probably read that particular article and would surely have a few questions about SSH. If you are new visitor, before reading on, it would be advisable to have a look at “Tips on Website Security - use SSH” to better appreciate the contents of this posting.

As the title implies, this post aims to explain in simple terms the important aspects of SSH. Researching about SSH is quite difficult especially for non-technical people. Looking for answers and some information about SSH is a tedious one as for sure one will encounter tons and tons of jargons. Anyway, enough with the introduction and on to the juicy and informational stuff.

In a nutshell, SSH –

• Is a program that allows a remote computer to securely access another computer
• Can execute commands from a remote machine (computer)
• Can transfer files between the two interconnected computers
• Has two available versions namely SSH1 and SSH2
• Provides secure communications and powerful authentication

How did SSH came about –

SSH is originally intended as a secure data communication medium for UNIX systems to replace existing unsecure UNIX remote shell protocols and Telnet. Since its released, SSH has been widely accepted and used that an estimated count of two million users are using SSH.

Aside from UNIX, listed below are other operating systems wherein SSH can be seemingly implemented. Please note that some OS may be developer dependent and may contain interoperability issues:

• Java
• DOS
• Macintosh
• Windows
• OpenVMS
• BeOS
• OS/2
• Handheld devices

• IP spoofing*
• IP source routing*
• DNS spoofing**
• Manipulation of data by people in control of intermediate hosts
• Interception of clear text passwords and other data by intermediate hosts

* IP spoofing and IP source routing are quite similar. Basically, these two type of security issue is where an IP (internet packet) is sent out by a remote host that disguises itself as a trusted host.

** DNS spoofing is where an attacker targets and forges name server records

SSH authentication –

Note: SSH may use one or more of the following for authentication:

• Password
• User public key – RSA or DSA
• Kerberos – for SSH1
• Hostbased

The following tables summarizes the type of algorithms used by SSH for encryption and authentication. Please note that ciphers, depending on implementation, may be added (or deleted).

Difference between SSH1 and SSH2 –

Interestingly, SSH2 is not a simple version upgrade of SSH1. SSH1 and SSH2 are two totally different protocols. Listed below are the differences between the two.

• SSH1 uses server and host to authenticate systems
• SSH2 uses only host keys for authentication
• SSH2 is a complete rewrite of SSH1 protocols
• Networking implementation between two are different and not compatible
• SSH1 and SSH2 encrypts at different parts of the packets

And now to answer the question that any reader has in mind “Which is better SSH1 or SSH2?”

SSH2 is actually a complete rewrite of SSH1 and improves security, portability, and performance.