Secure Shell (SSH)
Although Secure Shell (SSH) is a secure application-layer protocol that is used today for several purposes, such as
remote login and file transfer, it was originally designed to replace TELNET.
There are two versions of SSH, SSH-1 and SSH-2, which are totally incompatible.
The first version, SSH-1, is now deprecated because of security flaws in it; the SSH in use today is SSH-2.
Components
Applications
Although SSH is often thought of as a replacement for TELNET, SSH is, in fact, a general-purpose protocol that
provides a secure connection between a client and server.
1. SSH for Remote Login
Several free and commercial applications use SSH for remote login.
Among them, we can mention PuTTY, by Simon Tatham, which is an SSH client program that can be used for
remote login, and OpenSSH, which ships with most UNIX-like systems and provides both the client and the server.
Another application program is Tectia, which can be used on several platforms.
2. SSH for File Transfer
One of the application programs that is built on top of SSH for file transfer is the Secure File Transfer Program
(sftp).
The sftp application program runs as a subsystem over one of the channels provided by SSH to transfer files.
Another common application is called Secure Copy (scp).
This application uses the same command-line format as the UNIX copy command, cp, to copy files.
3. Port Forwarding
One of the interesting services provided by the SSH protocol is port forwarding.
We can use the secured channels available in SSH to reach an application program that provides no security
services of its own.
Applications such as TELNET and Simple Mail Transfer Protocol (SMTP), which were discussed earlier, can use
the services of the SSH port forwarding mechanism.
The SSH port forwarding mechanism creates a tunnel through which the messages belonging to other protocols
can travel.
For this reason, this mechanism is sometimes referred to as SSH tunneling.
The figure shows the concept of port forwarding for securing the FTP application.
The FTP client connects to a local port opened by the SSH client on the local site, and the SSH client has
made a secure connection with the SSH server on the remote site.
Any request from the FTP client to the FTP server is carried through the tunnel provided by the SSH client and
server, and any response from the FTP server to the FTP client travels back through the same tunnel.
Only traffic that enters the forwarded port is protected: FTP opens a separate connection for each data transfer,
so in this arrangement only the FTP control connection is tunneled unless the data connections are forwarded as well,
and the hop between the SSH server and the FTP server is in the clear if they are on different hosts.
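The tunnel entrance described above, as an added example that is not part of the original text: a minimal local port forwarder in Python that does what the SSH client does at the local site for a forward such as OpenSSH's ssh -L 2121:ftp-server:21 user@ssh-server, namely listen on a local port and relay every connection, byte for byte, to the application server. The encryption between the SSH client and the SSH server is not modelled here, so this is only the relay mechanics. The echo server that stands in for the unprotected FTP server, the loopback addresses and the payload are constructed for the example.

```python
import socket
import threading


def _pump(src: socket.socket, dst: socket.socket) -> None:
    """Copy bytes from src to dst until src hits EOF, then half-close dst
    so the far end sees the EOF too. This is all a forwarder does with the
    application protocol: it never looks inside the bytes."""
    try:
        while True:
            chunk = src.recv(4096)
            if not chunk:
                break
            dst.sendall(chunk)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass


def _listen() -> socket.socket:
    """Listen on a loopback port chosen by the OS (port 0)."""
    lst = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    lst.bind(("127.0.0.1", 0))
    lst.listen(16)
    return lst


def _serve(listener: socket.socket, on_conn) -> None:
    """Accept loop: hand every accepted socket to on_conn in its own thread."""
    while True:
        try:
            conn, _ = listener.accept()
        except OSError:
            return
        threading.Thread(target=on_conn, args=(conn,), daemon=True).start()


def start_local_forward(remote_host: str, remote_port: int) -> int:
    """Entry side of a local forward (the SSH client's role on the local site):
    every connection to the returned loopback port is relayed to
    (remote_host, remote_port). Returns the local port number."""
    lst = _listen()

    def on_conn(client: socket.socket) -> None:
        try:
            remote = socket.create_connection((remote_host, remote_port), timeout=5)
        except OSError:
            client.close()          # cannot reach the application server
            return
        # One thread per direction: client -> server and server -> client.
        threading.Thread(target=_pump, args=(client, remote), daemon=True).start()
        try:
            _pump(remote, client)
        finally:
            remote.close()
            client.close()

    threading.Thread(target=_serve, args=(lst, on_conn), daemon=True).start()
    return lst.getsockname()[1]


def start_echo_server() -> int:
    """Constructed stand-in for the unprotected application server (the FTP
    server in the figure): it simply echoes whatever it receives."""
    lst = _listen()

    def on_conn(conn: socket.socket) -> None:
        with conn:
            _pump(conn, conn)

    threading.Thread(target=_serve, args=(lst, on_conn), daemon=True).start()
    return lst.getsockname()[1]


def send_through_tunnel(port: int, payload: bytes) -> bytes:
    """Act as the application client: connect to the local tunnel entrance,
    send payload, half-close, and return everything that comes back."""
    with socket.create_connection(("127.0.0.1", port), timeout=5) as s:
        s.sendall(payload)
        s.shutdown(socket.SHUT_WR)
        out = b""
        while True:
            chunk = s.recv(4096)
            if not chunk:
                break
            out += chunk
        return out


if __name__ == "__main__":
    server_port = start_echo_server()
    tunnel_port = start_local_forward("127.0.0.1", server_port)
    # The FTP client would be pointed at 127.0.0.1:tunnel_port instead of the server.
    print(send_through_tunnel(tunnel_port, b"USER anonymous\r\n"))
```

The point to take from the relay is that the application client is reconfigured to talk to the local port and nothing else changes; with a real SSH forward the bytes leaving start_local_forward's on_conn would go into an SSH channel to the remote SSH server rather than straight to the application server, which is exactly why only the forwarded connection is protected.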
Format of the SSH Packets
The length field defines the length of the packet (type, data and CRC) but does not include the padding.
One to eight bytes of random padding are added so that the padding plus the rest of the packet fills a whole number
of eight-byte cipher blocks and to make the attack on the security provision more difficult.
The cyclic redundancy check (CRC) field is used for error detection.
A CRC detects accidental corruption only: it is a linear function with no secret in it, so anyone who can change
the packet can also recompute it. This layout, with a CRC where a keyed check would be needed, is the SSH-1
packet; SSH-2 replaces the CRC with a message authentication code computed under a key shared by client and
server, which is one of the reasons SSH-1 is deprecated.
The type field designates the type of the packet used in different SSH protocols.
The data field is the data transferred by the packet in different protocols.
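The packet layout above, as an added example that is not part of the original text: Python code that builds and parses a packet with this length, padding, type, data and CRC layout and then shows the difference between a CRC and a keyed check. It assumes zlib's standard CRC-32 (the exact CRC-32 variant SSH-1 used is not important for the point) and uses HMAC-SHA-256 as the stand-in for the keyed message authentication code that SSH-2 uses in place of the CRC; the packet type value 5, the payloads and the key are constructed for the example.

```python
import hashlib
import hmac
import os
import struct
import zlib

BLOCK = 8  # padding + length is brought up to a multiple of 8 bytes


def build_packet(ptype: int, data: bytes) -> bytes:
    """Serialise length | padding | type | data | CRC.

    The length field counts type, data and CRC but not the padding;
    1..8 random padding bytes make padding + length a multiple of BLOCK.
    The CRC covers padding, type and data.
    """
    length = 1 + len(data) + 4
    pad_len = BLOCK - (length % BLOCK)           # always between 1 and 8
    body = os.urandom(pad_len) + bytes([ptype]) + data
    crc = zlib.crc32(body) & 0xFFFFFFFF          # assumption: zlib's CRC-32
    return struct.pack(">I", length) + body + struct.pack(">I", crc)


def parse_packet(pkt: bytes) -> tuple:
    """Return (type, data); raise ValueError on a malformed packet or bad CRC."""
    if len(pkt) < 4 + 1 + 1 + 4:
        raise ValueError("truncated packet")
    (length,) = struct.unpack(">I", pkt[:4])
    pad_len = BLOCK - (length % BLOCK)
    if len(pkt) != 4 + pad_len + length:
        raise ValueError("length field does not match packet size")
    body = pkt[4:-4]                             # padding + type + data
    (crc,) = struct.unpack(">I", pkt[-4:])
    if zlib.crc32(body) & 0xFFFFFFFF != crc:
        raise ValueError("CRC mismatch")
    return body[pad_len], body[pad_len + 1:]


def crc_accepts(pkt: bytes) -> bool:
    """True if the receiver's check in parse_packet accepts the packet."""
    try:
        parse_packet(pkt)
        return True
    except ValueError:
        return False


def flip_bit(pkt: bytes, index: int) -> bytes:
    """Simulate a transmission error: flip the low bit of one byte."""
    b = bytearray(pkt)
    b[index] ^= 1
    return bytes(b)


def forge_data(pkt: bytes, new_data: bytes) -> bytes:
    """What an attacker who can rewrite the packet does: keep the type,
    replace the data and simply recompute the CRC. No secret is needed,
    so the CRC check on the receiving side passes."""
    ptype, _ = parse_packet(pkt)
    return build_packet(ptype, new_data)


def mac_tag(key: bytes, pkt: bytes) -> bytes:
    """Stand-in for the keyed MAC SSH-2 uses instead of the CRC (HMAC-SHA-256 here)."""
    return hmac.new(key, pkt, hashlib.sha256).digest()


def mac_accepts(key: bytes, pkt: bytes, tag: bytes) -> bool:
    """Constant-time comparison; without the key a forged packet cannot get a valid tag."""
    return hmac.compare_digest(mac_tag(key, pkt), tag)


if __name__ == "__main__":
    key = os.urandom(32)                         # constructed shared key
    pkt = build_packet(5, b"hello")
    print("round trip:", parse_packet(pkt))
    print("CRC catches a flipped bit:", not crc_accepts(flip_bit(pkt, len(pkt) - 5)))
    forged = forge_data(pkt, b"HELLO")
    print("CRC accepts a forged packet:", crc_accepts(forged))
    print("MAC accepts a forged packet:", mac_accepts(key, forged, mac_tag(key, pkt)))
```

The first check shows what the CRC is for: a single flipped bit in the data is caught. The second shows what it is not for: the forged packet carries a valid CRC because the attacker could compute one, while the HMAC tag of the original packet does not verify over the forged one and the attacker cannot produce a new tag without the key.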