SSH (Secure Shell) is a program to log into another computer over a
network, to execute commands in a remote machine, and to move files
from one machine to another. It provides strong authentication and
secure communications over insecure channels.

Somebody who has root access to machines on the network, or physical
access to the wire, can gain unauthorized access to systems in a
variety of ways. It is also possible for such a person to log all
the traffic to and from your system, including passwords (which
ssh never sends in the clear).

Over the years, SSH has proved to be immune to all kinds of hacker
attacks: IP spoofing, IP source routing, DNS spoofing, and so on.
SSH never trusts the net; somebody hostile who has taken over the
network can only force ssh to disconnect, but cannot decrypt or
play back the traffic, or hijack the connection.

How does SSH work?

All communications are encrypted using IDEA or one of several
other ciphers (three-key triple-DES,
DES, RC4-128, TSS, Blowfish). Encryption keys are exchanged
using RSA, and data used in the key exchange is destroyed every
hour (keys are not saved anywhere). Every host has an RSA key which
is used to authenticate the host when RSA host authentication is
used. Encryption is used to protect against IP-spoofing; public
key authentication is used to protect against DNS and routing spoofing.
RSA keys are also used to authenticate hosts.
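
The host-key check described above is what defeats DNS and routing spoofing: the client compares the key a server presents with the one it pinned earlier. The following is an added example, not code from the original page or from ssh itself; it assumes the modern OpenSSH known_hosts line format and SHA256 fingerprint style, and the host name, address and key values are constructed.

```python
import base64, hashlib, hmac, struct

def field(b: bytes) -> bytes:
    return struct.pack(">I", len(b)) + b           # 4-byte big-endian length prefix

def make_rsa_blob(e: int, n: int) -> bytes:
    """Build an "ssh-rsa" public key blob: string type, mpint e, mpint n."""
    mpint = lambda x: field(x.to_bytes(x.bit_length() // 8 + 1, "big"))
    return field(b"ssh-rsa") + mpint(e) + mpint(n)

def read_fields(blob: bytes) -> list:
    """Split a key blob into its length-prefixed fields, rejecting truncation."""
    fields, off = [], 0
    while off < len(blob):
        if off + 4 > len(blob):
            raise ValueError("truncated length prefix")
        (size,) = struct.unpack_from(">I", blob, off)
        off += 4
        if off + size > len(blob):
            raise ValueError("truncated field")
        fields.append(blob[off:off + size])
        off += size
    return fields

def fingerprint(blob: bytes) -> str:
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def check_host(known_hosts: str, host: str, presented: bytes) -> str:
    """Return 'match', 'changed' or 'unknown' for the key a server presented."""
    key_type = read_fields(presented)[0].decode()
    for line in known_hosts.splitlines():
        parts = line.split()
        if line.startswith("#") or len(parts) < 3:
            continue
        names, pinned_type, b64 = parts[:3]
        if host not in names.split(",") or pinned_type != key_type:
            continue
        pinned = base64.b64decode(b64)
        # A different key under a pinned name is what a spoofed route looks like.
        return "match" if hmac.compare_digest(pinned, presented) else "changed"
    return "unknown"

# Constructed sample data: these numbers are not real RSA keys.
GOOD = make_rsa_blob(65537, (1 << 2047) + 0x1234567)
IMPOSTOR = make_rsa_blob(65537, (1 << 2047) + 0x7654321)
KNOWN_HOSTS = "files.example.test,192.0.2.10 ssh-rsa " + base64.b64encode(GOOD).decode() + "\n"

if __name__ == "__main__":
    for label, key in (("pinned host", GOOD), ("different key", IMPOSTOR)):
        print(label, fingerprint(key), check_host(KNOWN_HOSTS, "files.example.test", key))
```

A "changed" result is the case where the client should refuse to continue, since the name resolved to a machine that does not hold the pinned host key.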