Due to the evolution of cloud computing, it has become a necessity to access remote machines these days. Most of us access our cloud instances every day, whether for business or personal purposes. We can barely imagine what it would be like if we couldn’t control cloud instances from our local machine.
“While attending school in Helsinki, I discovered a password ‘sniffer’ attack in our university network.
To shield our data, I wrote a program to protect information as it moved from point to point throughout the network. I called it the ‘secure shell’, or SSH for short.” -Tatu Ylönen
SSH(Secure Shell) is a secure protocol for logging into a remote server/computer. SSH provides a secure encrypted connection between two computers. SSH is widely used to manage servers and applications remotely in the IT industry by system administrators. Remote machines can be accessed via SSH, meaning you can execute commands, download files, and upload files, and lots of other things.
A protocol is a set of rules that define the language that computers can use to communicate.
How SSH works?
The SSH protocol is based on the client-server model. So, the SSH client must initiate an SSH connection with the SSH server. The SSH server’s identity is verified using public-key cryptography, and data is encrypted using symmetric key cryptography and hashing algorithms, keeping data transmitted in the ciphertext. In that way, data security and privacy are guaranteed between the client and the SSH server, reducing the possibility of man-in-the-middle attacks.
These are the steps involved in creating an SSH session:
- Clients contact servers to initiate a connection.
- A public cryptography key is sent by the server to the client.
- A secure channel is opened between the server and the client.
- The user logs into the server through their SSH client.
There are various method of SSH authentication. In this article, I am going to mention only two methods which applies to all SSH client.
1. Public Key Authentication
The public key authentication method is the only method that both client and server is required to implement. In this method, each client should have a key pair. A key pair is a pair of keys generated using an asymmetric encryption algorithm, such as RSA or DSA.
2. Password Authentication
This is the simplest form of authentication. The user needs to have only one set of credentials for authentication. The user specifies the username and the corresponding password and authenticate.
SSH Vs. Telnet
Telnet is the protocol that allows a user to communicate with a remote device like SSH. The key difference between these two protocol is security. SSH is far more secure than telnet. Telnet provides unencrypted connection between two computers whereas SSH provides encrypted connection. Telnet is old technology and rarely used these days.
How to Connect via SSH
You can establish a secure remote connection with your servers very easily using following command:
Type your password and hit Enter. If you are connecting to a remote host for the first time, it will ask you if you want to continue connecting. Just type yes and hit Enter.
Wanna connect with Key file? here
If you face problems while connectingto remote host/server, make sure:
- Remote host is up.
- IP address of remote machine is correct.
- Your username and password are correct.
- You are connected to the Internet.
- Remote host is listening for SSH connections.
- SSH connection is not being blocked by firewall.
SSH is one of the favorite target for cyber criminals because it gives them direct access to internal computers. Configuring SSH can be complicated so many users leave it with default settings which makes them vulnerable. Here are ten easy things to do to help protect your SSH server from Hackers.
- Use SSH Protocol Version.
- Change default SSH Port.
- Use SSH Keys Instead of Passwords.
- Set Password Attempt Limit.
- Disable Direct Root Access.
- Use Firewall.
- Reject Connection Requests With No Passwords.
This article is not intended for experienced users. Kudos Elite Peoples. This article is for those who are new to IT field and want to learn about SSH. That’s it for today’s post. DM me if for article request @thecrysp on Twitter.