Difference between revisions of "Secure Shell"

From Wiki @ Karl Jones dot com
Jump to: navigation, search
(See also)
Line 24: Line 24:
 
SSH was designed as a replacement for [[Telnet]] and other insecure remote shell protocols such as the Berkeley rsh and rexec protocols, which send information, notably passwords, in [[plaintext]], rendering them susceptible to interception and disclosure using [[packet analysis]].
 
SSH was designed as a replacement for [[Telnet]] and other insecure remote shell protocols such as the Berkeley rsh and rexec protocols, which send information, notably passwords, in [[plaintext]], rendering them susceptible to interception and disclosure using [[packet analysis]].
  
== Can sometimes be decrypted by NSA ===
+
== Can sometimes be decrypted by NSA ==
  
 
The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the [[Internet]], although files leaked by Edward Snowden indicate that the National Security Agency can sometimes decrypt SSH.
 
The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the [[Internet]], although files leaked by Edward Snowden indicate that the National Security Agency can sometimes decrypt SSH.

Revision as of 06:28, 20 October 2015

Secure Shell, or SSH, is a cryptographic (encrypted) network protocol for initiating text-based shell sessions on remote machines in a secure way.

(TO DO: organize, cross-reference.)

Description

Secure Shell allows a user to run commands on a machine's command prompt without them being physically present near the machine.

It also allows a user to establish a secure channel over an insecure network in a client-server architecture, connecting an SSH client application with an SSH server.

Common applications

Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH.

SSH-1 and SSH-2

The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2.

Access to shell accounts

The most visible application of the protocol is for access to shell accounts on Unix-like operating systems, but it can also be used in a similar fashion on Windows.

Replacement for earlier protols

SSH was designed as a replacement for Telnet and other insecure remote shell protocols such as the Berkeley rsh and rexec protocols, which send information, notably passwords, in plaintext, rendering them susceptible to interception and disclosure using packet analysis.

Can sometimes be decrypted by NSA

The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet, although files leaked by Edward Snowden indicate that the National Security Agency can sometimes decrypt SSH.

See also

External links