Difference between revisions of "Secure Shell"
Karl Jones (Talk | contribs) (→See also) |
Karl Jones (Talk | contribs) |
||
Line 24: | Line 24: | ||
SSH was designed as a replacement for [[Telnet]] and other insecure remote shell protocols such as the Berkeley rsh and rexec protocols, which send information, notably passwords, in [[plaintext]], rendering them susceptible to interception and disclosure using [[packet analysis]]. | SSH was designed as a replacement for [[Telnet]] and other insecure remote shell protocols such as the Berkeley rsh and rexec protocols, which send information, notably passwords, in [[plaintext]], rendering them susceptible to interception and disclosure using [[packet analysis]]. | ||
− | == Can sometimes be decrypted by NSA | + | == Can sometimes be decrypted by NSA == |
The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the [[Internet]], although files leaked by Edward Snowden indicate that the National Security Agency can sometimes decrypt SSH. | The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the [[Internet]], although files leaked by Edward Snowden indicate that the National Security Agency can sometimes decrypt SSH. |
Revision as of 06:28, 20 October 2015
Secure Shell, or SSH, is a cryptographic (encrypted) network protocol for initiating text-based shell sessions on remote machines in a secure way.
(TO DO: organize, cross-reference.)
Contents
Description
Secure Shell allows a user to run commands on a machine's command prompt without them being physically present near the machine.
It also allows a user to establish a secure channel over an insecure network in a client-server architecture, connecting an SSH client application with an SSH server.
Common applications
Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH.
SSH-1 and SSH-2
The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2.
Access to shell accounts
The most visible application of the protocol is for access to shell accounts on Unix-like operating systems, but it can also be used in a similar fashion on Windows.
Replacement for earlier protols
SSH was designed as a replacement for Telnet and other insecure remote shell protocols such as the Berkeley rsh and rexec protocols, which send information, notably passwords, in plaintext, rendering them susceptible to interception and disclosure using packet analysis.
Can sometimes be decrypted by NSA
The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet, although files leaked by Edward Snowden indicate that the National Security Agency can sometimes decrypt SSH.
See also
External links
- SSH @ Wikipedia
- Generating SSH keys @ GitHub