Secure Shell (SSH)
- SSH permits secure login connections and file transfer over the Internet or other untrusted networks.
- Cryptographic algorithms are used to authenticate both ends of the connection, to automatically encrypt1 all transmitted data, and to protect the integrity of data2
- SSH has the ability to “tunnel” information and applications through a host. You send your information to a host, which forwards it to its actual destination.
SSH protects against:
- IP spoofing – a remote host sends out packets which pretend to come from another trusted host.
- IP source routing – a host can pretend that an IP packet comes from another trusted host.
- DNS spoofing – an attacker forges name server records
- Interception of clear text passwords and other data by intermediate hosts
- Manipulation of data by people in control of intermediate hosts
- Attacks based on listening to X authentication data and spoofed connection to the X11 server
- Essentially protects against any network attack
SSH does not protect against:
- A malicious user gaining root access to host (remote) machine
- A malicious user gaining root access to the recipient machine
- Encryption is a process of translating plaintext information into a ciphertext. To properly decrypt information, a computer must know which “key” to use as reference. This way, only authorized parties can understand the information. ↩︎
- Ylonen, T. (1996, July). SSH–secure login connections over the Internet. In Proceedings of the 6th USENIX Security Symposium (Vol. 37, pp. 40-52).
Chicago ↩︎