Introduction to SSH for Beginners
This post is part of a series designed to help developers who are just starting out understand some basics and how they relate to WordPress. This fourth post is about SSH, which we offer on our VPS and Enterprise plans. The previous post on FTP vs SFTP touched on SSH a bit, but this one explains it in more depth and also provides links to video tutorials on how to connect via SSH in general.
The Birth of SSH
SSH stands for Secure Shell. The first version (SSH-1) of the protocol was developed in ’95 by a researcher at the University of Helsinki in Finland. The researcher became aware of a password sniffing attack on the school’s network and realized he needed to do something. At the time, the main protocols were TELNET, rlogin, and rsh. If you can believe it, some of these actually sent passwords in plaintext, which meant that if they were intercepted, they could easily be read and used to create havoc. Since these protocols did not provide confidentiality or strong enough authentication, something stronger was needed. SSH was released in July of ’95, and by the end of that year, only 5 months later, there were 20,000 people using it. By the year ’00, some 2 million people were using it. Currently, version 2 (SSH-2) is being utilized and is regarded as even more secure than its predecessor.
Understanding SSH
So now that we know how it came to be, what exactly is SSH? Well, we know it’s a protocol and specifically it’s a cryptographic network security protocol. It can be used for secure data communication, remote login via command-line, remote command execution, among other things. Think of SSH as creating a secure channel or pipeline between a server and client over a network that otherwise would be insecure (e.g., the internet). The server and client (i.e., user) both run SSH programs in order to facilitate this.
SSH uses public key cryptography to authenticate the remote computer that’s trying to connect to the server. One way to do this is to use automatically generated public-private key pairs to encrypt the connection and then use a password for login authentication. Another method is to use manually generated public-private key pairs to perform the authentication aspect, which allows users to log in without supplying a password. It’s important for the owner of the private key (client/user) to keep it secret since it shouldn’t fall into the wrong hands. The private key isn’t actually transferred over the network during authentication, which adds to the security aspect. SSH just makes sure the same person offering the public key also owns the matching private key.
SSH and SFTP
Interestingly, SSH also forms the backbone of SFTP (Secure File Transfer Protocol), providing the same security features to file transfers. SFTP replaces older methods of file transfers that lacked encryption like FTP (File Transfer Protocol). By using SSH, SFTP encrypts both commands and data, preventing the passwords and sensitive information from being exposed in plain text over the network. This is crucial for maintaining the integrity and confidentiality of the data being transferred.
While SSH can be used for file transfer via SFTP or secure copy (SCP), tunneling, and forwarding TCP ports and X11 connections, it is most commonly used to log in to a remote machine (e.g., server) and execute commands. TCP port 22 has been assigned for contacting SSH servers. Users run an SSH client program on their machine. Windows does not include SSH by default, but Mac OSX and most versions of Linux do. Most Windows users use PuTTY for SSH, sometimes paired with WinSCP. If you really want to geek out, you can read up on the architecture of SSH and the layers that separate its various functions. These include the transport layer, user authentication layer, and connection layer, along with the SSHFP DNS record.
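The host authentication described above only helps if the client can recognise the server's public key. As an added example (not code from the original post), this Python code derives the SHA256 fingerprint an SSH client shows on first connect, and the matching SSHFP DNS record, from an OpenSSH public key line. The sample key is constructed with dummy bytes and `server.example.com.` is a placeholder hostname.

```python
import base64
import hashlib
import struct

# SSHFP algorithm numbers (RFC 4255, RFC 6594, RFC 7479).
SSHFP_ALGO = {"ssh-rsa": 1, "ssh-dss": 2, "ecdsa-sha2-nistp256": 3, "ssh-ed25519": 4}

def read_string(buf, offset):
    """Read one SSH 'string': 4-byte big-endian length, then that many bytes."""
    if offset + 4 > len(buf):
        raise ValueError("truncated length field")
    (length,) = struct.unpack_from(">I", buf, offset)
    end = offset + 4 + length
    if end > len(buf):
        raise ValueError("truncated string body")
    return buf[offset + 4:end], end

def parse_public_key(line):
    """Split '<type> <base64> [comment]' and check the blob names the same type."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type = fields[0]
    blob = base64.b64decode(fields[1], validate=True)
    inner_type, _ = read_string(blob, 0)
    if inner_type.decode("ascii", "replace") != key_type:
        raise ValueError("key type label does not match key blob")
    return key_type, blob

def openssh_fingerprint(line):
    """SHA256 fingerprint in the form the client prints: unpadded base64."""
    _, blob = parse_public_key(line)
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def sshfp_record(hostname, line):
    """DNS SSHFP record with fingerprint type 2 (SHA-256) for a host key."""
    key_type, blob = parse_public_key(line)
    if key_type not in SSHFP_ALGO:
        raise ValueError("no SSHFP algorithm number known for " + key_type)
    return "%s IN SSHFP %d 2 %s" % (
        hostname, SSHFP_ALGO[key_type], hashlib.sha256(blob).hexdigest())

# Constructed sample host key: a well-formed ssh-ed25519 blob with dummy key bytes.
_blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(range(32))
SAMPLE_KEY = "ssh-ed25519 " + base64.b64encode(_blob).decode() + " constructed-example"

if __name__ == "__main__":
    print(openssh_fingerprint(SAMPLE_KEY))
    print(sshfp_record("server.example.com.", SAMPLE_KEY))
```

Both outputs are hashes of the same key blob, so a fingerprint confirmed out of band and one published in DNS can be compared against what the server presents.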
Learning Resources
For an awesome video tutorial on how to establish an SSH connection, there is an excellent one posted recently by LearnCode.academy. Diving into video tutorials can dramatically speed up your learning curve, making complex concepts much more digestible. Whether you’re setting up an SSH connection for the first time or looking to enhance your understanding of SFTP for secure file transfers, these resources are invaluable.
Keep exploring, keep learning, and remember, the world of technology is vast and always evolving. There’s always something new to geek out about!