Secure Shell (SSH)

  • SSH permits secure login connections and file transfer over the Internet or other untrusted networks.
  • Cryptographic algorithms are used to authenticate both ends of the connection, to automatically encrypt¹ all transmitted data, and to protect the integrity of data.²
  • SSH has the ability to “tunnel” information and applications through a host. You send your information to a host, which forwards it to its actual destination.

SSH protects against:

  • IP spoofing – a remote host sends out packets which pretend to come from another trusted host.
  • IP source routing – a host can pretend that an IP packet comes from another trusted host.
  • DNS spoofing – an attacker forges name server records
  • Interception of clear text passwords and other data by intermediate hosts
  • Manipulation of data by people in control of intermediate hosts
  • Attacks based on listening to X authentication data and spoofed connection to the X11 server
  • Essentially protects against any network attack
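
The spoofing protections listed above rest on the client checking the server's public host key against a copy it already trusts, so a forged DNS record or spoofed IP address cannot stand in for the real host. The following is an added example, not code from the original page or from any SSH implementation: it checks an offered key blob against a pinned known_hosts entry. The host names, addresses and key bytes are constructed, only plain (unhashed, marker-free) known_hosts lines are handled, and the signature step by which a real server proves it holds the private key is outside its scope.

```python
import base64
import hashlib
import hmac
import struct

def make_ed25519_blob(raw32: bytes) -> bytes:
    """Build an SSH wire-format public key blob (constructed sample data)."""
    name = b"ssh-ed25519"
    return struct.pack(">I", len(name)) + name + struct.pack(">I", len(raw32)) + raw32

def read_string(blob: bytes, offset: int):
    """Read one length-prefixed SSH string; reject truncated input."""
    if offset + 4 > len(blob):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">I", blob, offset)
    end = offset + 4 + n
    if end > len(blob):
        raise ValueError("truncated string")
    return blob[offset + 4:end], end

def fingerprint(blob: bytes) -> str:
    """SHA256 fingerprint in the form OpenSSH prints (unpadded base64)."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def host_key_trusted(known_hosts: str, host: str, offered_blob: bytes) -> bool:
    """True only if offered_blob matches a key pinned for host."""
    offered_type, _ = read_string(offered_blob, 0)
    for line in known_hosts.splitlines():
        fields = line.split()
        if len(fields) < 3 or line.startswith("#"):
            continue
        names, key_type, b64 = fields[0].split(","), fields[1], fields[2]
        if host not in names or key_type.encode() != offered_type:
            continue
        pinned = base64.b64decode(b64)
        if hmac.compare_digest(pinned, offered_blob):
            return True
    return False

# Constructed sample: the server's real key, pinned on first contact.
REAL_KEY = make_ed25519_blob(bytes(range(32)))
IMPOSTOR_KEY = make_ed25519_blob(bytes(range(1, 33)))  # what a spoofed host offers
KNOWN_HOSTS = ("files.example.org,192.0.2.10 ssh-ed25519 "
               + base64.b64encode(REAL_KEY).decode() + "\n")

if __name__ == "__main__":
    print(fingerprint(REAL_KEY))
    print(host_key_trusted(KNOWN_HOSTS, "files.example.org", REAL_KEY))      # True
    print(host_key_trusted(KNOWN_HOSTS, "files.example.org", IMPOSTOR_KEY))  # False
```

A host with no pinned entry is reported as untrusted, which is the case where a client has to obtain the fingerprint over a separate trusted channel before connecting.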

SSH does not protect against:

  • A malicious user gaining root access to the host (remote) machine
  • A malicious user gaining root access to the recipient machine

  1. Encryption is a process of translating plaintext information into a ciphertext. To properly decrypt information, a computer must know which “key” to use as reference. This way, only authorized parties can understand the information. ↩︎
  2. Ylonen, T. (1996, July). SSH–secure login connections over the Internet. In Proceedings of the 6th USENIX Security Symposium (Vol. 37, pp. 40-52). ↩︎