SSH (Secure Shell) is a cryptographic network protocol for securely operating network services over an unsecured network. SSH operates on a client-server model, using asymmetric encryption for authentication and symmetric encryption for data transmission.
Core Workflow
- Connection Establishment: Client initiates TCP connection to server (default port 22)
- Protocol Version Negotiation: Both parties negotiate SSH protocol version (SSH-1 or SSH-2)
- Key Exchange: Session keys are exchanged using Diffie-Hellman algorithm
- Server Authentication: Client verifies server identity (via public key fingerprint)
- User Authentication: Server verifies client identity (password or key)
- Encrypted Channel Establishment: Establish encrypted data transmission channel
- Session Communication: Transmit data through encrypted channel
Key Technical Points
- Asymmetric Encryption: Uses RSA, ECDSA, or Ed25519 algorithms for authentication
- Symmetric Encryption: Uses AES, ChaCha20, or similar algorithms for data encryption
- Hash Algorithms: Uses HMAC-SHA2 series to ensure data integrity
- Key Exchange: Diffie-Hellman or ECDH algorithms generate session keys
Security Features
- All communication data is encrypted
- Prevents Man-in-the-Middle (MITM) attacks
- Supports port forwarding and tunneling capabilities
- Provides multiple authentication methods (password, public key, keyboard-interactive)
SSH has become the standard tool for remote management of Linux/Unix systems, widely used in server operations, automated deployment, and remote development scenarios.