SSH For Dummies: What, Why, How?

Prason Pandey
PenTester Nepal
Published in
4 min readApr 19, 2021
Source: hostinger.com

Due to the evolution of cloud computing, it has become a necessity to access remote machines these days. Most of us access our cloud instances every day, whether for business or personal purposes. We can barely imagine what it would be like if we couldn’t control cloud instances from our local machine.

“While attending school in Helsinki, I discovered a password ‘sniffer’ attack in our university network.

To shield our data, I wrote a program to protect information as it moved from point to point throughout the network. I called it the ‘secure shell’, or SSH for short.” -Tatu Ylönen

Introduction

SSH(Secure Shell) is a secure protocol for logging into a remote server/computer. SSH provides a secure encrypted connection between two computers. SSH is widely used to manage servers and applications remotely in the IT industry by system administrators. Remote machines can be accessed via SSH, meaning you can execute commands, download files, and upload files, and do lots of other things.

A protocol is a set of rules that define the language that computers can use to communicate.

How SSH works?

Source: hostinger.com

The SSH protocol is based on the client-server model. So, the SSH client must initiate an SSH connection with the SSH server. The SSH server’s identity is verified using public-key cryptography, and data is encrypted using symmetric key cryptography and hashing algorithms, keeping data transmitted in the ciphertext. In that way, data security and privacy are guaranteed between the client and the SSH server, reducing the possibility of man-in-the-middle attacks.

These are the steps involved in creating an SSH session:

  1. Clients contact servers to initiate a connection.
  2. A public cryptography key is sent by the server to the client.
  3. A secure channel is opened between the server and the client.
  4. The user logs into the server through their SSH client.

SSH Authentication

There are various methods of SSH authentication. In this article, I am going to mention only two methods that apply to all SSH clients.

1. Public Key Authentication

The public key authentication method is the only method that both client and server is required to implement. In this method, each client should have a key pair. A key pair is a pair of keys generated using an asymmetric encryption algorithm, such as RSA or DSA.

2. Password Authentication

This is the simplest form of authentication. The user needs to have only one set of credentials for authentication. The user specifies the username and the corresponding password and authenticate.

Learn More

SSH Vs. Telnet

source: node35.com

Telnet is the protocol that allows a user to communicate with a remote device like SSH. The key difference between these two protocols is security. SSH is far more secure than telnet. Telnet provides an unencrypted connection between two computers whereas SSH provides an encrypted connection. Telnet is old technology and is rarely used these days.

How to Connect via SSH

You can establish a secure remote connection with your servers very easily using the following command:

ssh username@remote_host_ip_address

Type your password and hit Enter. If you are connecting to a remote host for the first time, it will ask you if you want to continue connecting. Just type yes and hit Enter.

Wanna connect with the Key file? here

Troubleshoot?

If you face problems while connecting to a remote host/server, make sure:

  1. The remote host is up.
  2. The IP address of the remote machine is correct.
  3. Your username and password are correct.
  4. You are connected to the Internet.
  5. The remote host is listening for SSH connections.
  6. The SSH connection is not being blocked by a firewall.

SSH Security

SSH is one of the favorite targets for cybercriminals because it gives them direct access to internal computers. Configuring SSH can be complicated so many users leave it with default settings which makes them vulnerable. Here are ten easy things to do to help protect your SSH server from Hackers.

  1. Use SSH Protocol Version.
  2. Change default SSH Port.
  3. Use SSH Keys Instead of Passwords.
  4. Set Password Attempt Limit.
  5. Disable Direct Root Access.
  6. Use Firewall.
  7. Reject Connection Requests With No Passwords.

Conclusion

This article is not intended for experienced users. Kudos Elite Peoples. This article is for those who are new to the IT field and want to learn about SSH. That’s it for today’s post. DM me if for article request @thecrysp on Twitter.

--

--