SSH (Secure Shell) is an encrypted network protocol used for secure remote login and other network services over unsecured networks.
Core Functions
- Remote Login: Allows users to securely log in to remote servers through encrypted channels
- Command Execution: Execute commands on remote servers
- File Transfer: Securely transfer files via SFTP, SCP, and other protocols
- Port Forwarding: Create encrypted tunnels to forward network traffic
- X11 Forwarding: Run graphical applications remotely
How It Works
SSH uses a client-server architecture:
- Server: Listens on port 22 (default), waiting for connection requests
- Client: Initiates connections and performs authentication
- Encrypted Channel: All communication is transmitted through an encrypted tunnel
Authentication Methods
- Password Authentication: Uses username and password
- Public Key Authentication: Uses public/private key pairs; more secure than password authentication
- Host Key Verification: The client checks the server's host key to verify the server's identity and prevent man-in-the-middle attacks
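The host key check described above, as an added example (not part of the original page): it parses `known_hosts`-style lines, computes the SHA256 fingerprint in the form OpenSSH prints, and classifies an offered key as a match, a mismatch or unknown. The host names, the keys and all function names are constructed for illustration, and it assumes plain (unhashed) entries without markers.

```python
import base64
import hashlib
import hmac
import struct

def make_ed25519_line(host: str, raw_key: bytes) -> str:
    """Build a known_hosts-style line from a 32-byte key (constructed sample data)."""
    algo = b"ssh-ed25519"
    blob = struct.pack(">I", len(algo)) + algo + struct.pack(">I", len(raw_key)) + raw_key
    return f"{host} ssh-ed25519 {base64.b64encode(blob).decode()}"

def parse_line(line: str):
    """Return (hosts, key_type, blob); reject a blob whose embedded type differs."""
    hosts, key_type, b64 = line.split()[:3]
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("truncated key blob")
    (n,) = struct.unpack(">I", blob[:4])  # length prefix of the algorithm name
    if blob[4:4 + n].decode("ascii", "replace") != key_type:
        raise ValueError("declared key type does not match key blob")
    return hosts.split(","), key_type, blob

def fingerprint(blob: bytes) -> str:
    """SHA256 fingerprint: unpadded base64 of the digest of the key blob."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def check_host(host: str, offered_blob: bytes, known_hosts_lines) -> str:
    """Return 'match', 'mismatch' (possible MITM or rekeyed server) or 'unknown'."""
    verdict = "unknown"
    for line in known_hosts_lines:
        hosts, _, blob = parse_line(line)
        if host in hosts:
            if hmac.compare_digest(blob, offered_blob):
                return "match"
            verdict = "mismatch"  # host is known, but under a different key
    return verdict

# Constructed sample data: these are not real host keys.
KNOWN = [make_ed25519_line("server.example", bytes(range(32)))]
GOOD = parse_line(KNOWN[0])[2]
ROGUE = parse_line(make_ed25519_line("server.example", bytes(32)))[2]

if __name__ == "__main__":
    print("pinned fingerprint:", fingerprint(GOOD))
    for name, blob in (("server.example", GOOD), ("server.example", ROGUE),
                       ("other.example", GOOD)):
        print(name, fingerprint(blob), check_host(name, blob, KNOWN))
```

A "mismatch" is the case an SSH client refuses by default, while "unknown" is the first-connection case where the fingerprint should be compared against one obtained out of band.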
Security Features
- All data transmission is encrypted
- Supports multiple encryption algorithms (AES, ChaCha20, etc.)
- Provides integrity verification (HMAC)
- Supports key exchange algorithms (Diffie-Hellman, ECDH, etc.)
Common Commands
```bash
# Basic connection
ssh user@hostname

# Specify port
ssh -p 2222 user@hostname

# Use key authentication
ssh -i /path/to/key user@hostname

# File transfer
scp file.txt user@hostname:/path/to/destination
```
SSH has become the standard tool for remote management of Linux/Unix systems and is widely used in server management, automated deployment, CI/CD pipelines, and other scenarios.