Secure Shell (SSH) is a network communication protocol used to create an encrypted connection between a local client application and a remote server. SSH makes it possible for the client and server to communicate securely over a public, unsecured network, such as the internet.
The term SSH is sometimes used to refer to the applications used to communicate with a remote server. However, SSH actually refers to the communication protocol itself, not the application used to enable communication between the client and server.
SSH is used all of the time by webmasters and developers. There are two primary ways that website professionals use SSH whether they realize it or not.
- RSH, or remote shell access, with an application such as PuTTY, provides access to the command-line on a remote server.
- Secure file transfer protocol, or SFTP, is supported by many popular FTP clients, including Filezilla, and makes it possible to transfer files to and from a remote server over a connection secured by SSH.
In addition to RSH and SFTP, SSH is used to secure several other types of server access including rsync file transfer and synchronization, FTP over SSH (FISH), secure copy (SCP), and full-fledged virtual private network (VPN) access to the server with OpenSSH.
History of SSH
SSH was first developed in 1995 by Tatu Ylönen in direct response to a password-sniffing attack directed at the Helsinki University of Technology at which Ylönen was a member of the faculty. Prior to the release of SSH, communication between a client application and a remote server over an unsecured network was possible thanks to protocols such as rlogin, RSH, Telnet, and rexec. However, all of those protocols transmitted information, including login credentials, in plaintext. This meant that someone with the right technical prowess and access to the network could potentially intercept messages and gain access to server login credentials in plaintext.
SSH was an immediate hit. The first version, SSH-1, was released as freeware in July 1995 and was in use by 20,000 users spread across 50 countries in less than six months. By the year 2000, the number of active SSH users had exploded to 2 million.
Ylönen founded SSH Communications Security in December of 1995 to market and further develop the protocol. While the original version of SSH was built using a variety of free components and released as open source software, over time SSH grew increasingly proprietary. In 1999, a group of developers used the last open source version of SSH to create a free and open source version of SSH. This free version evolved into what is known today as OpenSSH and is incorporated into Unix, Linux, and Windows operating systems.
How Does SSH Work?
Communicating over a network connected secured by SSH requires that three different layers work in unison:
- Transport layer: This layer handles the exchange of encryption keys between the client application and remote server, and manages the SSH connection for the duration of the session.
- User authentication layer: This layer allows the user to authenticate themselves to the server using a variety of different authentication methods. The most common method is a user password, but passwordless and one-time password authentication systems may also be used depending on the client application in use.
- Connection layer: This is the layer over which the SSH client interface operates and includes shell access applications such as PuTTY, secure FTP clients such as Filezilla, and all other SSH clients.
The three-part architecture of SSH is part of what makes the protocol so popular. Thanks to the decoupled design, it can be used for many different purposes by designing client applications to accomplish specific tasks over a connection secured with SSH.
SSH resources abound. If you want to learn how you can use SSH to better manage a remote server, here are a few excellent resources to consult.
SSH: The Secure Shell, The Definitive Guide (2001) by Barrett and Silverman is an excellent O’Reilly book, if a bit dated. However, it’s freely available online and the first chapter provides a very good technical introduction to SSH. If you’re new to SSH and want to better understand the technical basis of this communication protocol take a few minutes to review the first chapter of this text.
SSH: What and How is a tutorial by Jonathan Cutrell that is freely available at Envato Tuts+. This tutorial walks through the process of setting up SSH on a local system and a remote server, configuring passwordless login to the server, and demonstrates how to push code to a git repository on the remote server. This is a particularly good resource if you are a developer who wants to host git repositories on a private remote server.
Complete Secure Shell Course by Muhammed Torkey is an online course available at Udemy. The course introduces secure shell, explains how it works, covers SSH installation and configuration, and introduces a variety of SSH applications. After completing this course you’ll be able to use SSH for remote terminal access, file transfer, as a VPN, and also know how to make SSH as secure as possible.
SSH Tutorial — Basic server administration with SSH by LearnCode.academy is a fast-paced and short overview of managing a remote server with SSH. In less than 10 minutes, this YouTube video demonstrates how to use SSH for shell access, file transfer with rsync, and passwordless login.
SSH Tutorial for Linux is a detailed tutorial that dates back to 1999, but has been updated multiple times since then. It covers passwordless login and a variety of SSH applications. It’s applicable to Linux and Unix-based systems, including Mac OS X. However, if you’re using a Windows machine, take a look at the SSH Tutorial for Windows instead.
As we’ve discussed, SSH is not a program but a protocol. But it is usually talked about as though it is. Ultimately, it is some kind of program that allows users to login to other systems and do all the normal things they would be able to do if they were sitting at the other computer’s console.
So the real question is what SSH client application are you going to use.
But in this document, we will focus on PuTTY. This is because it is has a number of advantages to other systems. What’s more, it is available on most operating systems.
As we’ve discussed, SSH is primarily used to allow people to use command shells on remote machines in a secure way. In this way, it is most obviously a replacement for Telnet and rlogin.
In fact, on most Unix systems, both the telnet and rlogin commands are simply links to the ssh program. For normal computing, no one uses Telnet and rlogin anymore.
There are many other advanced ways that SSH is used. For example, it can be used to create a Virtual Private Network (VPN), which allows users to set up a private network on top of a public network like the internet by creating an encrypted tunnel between different machines.
But the main way the SSH is used apart from its use as a terminal is its use for transferring files. Secure FTP (SFTP) uses SSH to keep the transferred information private.
PuTTY was one of the first applications to implement SSH. It is a full-featured application for communicating with other systems and for transferring files — all done securely. The basic program is distributed as a single file. You can simply download PuTTY and run it from the command line. But in its complete form, it consists of several parts:
- SSH client with connection manager (PuTTY);
- Secure FTP (PSFTP);
- Secure copy or SCP (PSCP);
- Authentifcation agent for storing private keys for the other parts of PuTTY (Pageant);
- Generator of RSA and DSA keys, similar to ssh-add in OpenSSH (PuTTYgen).
PuTTY was first developed for Microsoft Windows. Over the years, it has been ported to many Unix systems as well as Mac OS X. Development continues on older systems like the classic Mac OS. As a result, it is nice to be familiar with, because it is available on just about any system that you might use.
Getting Started With PuTTY
PuTTY is easy enough to use that you can probably just download it and start using it. Check out the PuTTY Download Page. But there are various resources available to help you out:
- PuTTY FAQ: the project’s FAQ list is extensive and will answer most of your questions
- Putty Tutorial: SiteGround’s simple tutorial that will get you up and running on a Windows machine.
- Using SSH in PuTTY (Windows): a basic introduction that shows you how to download and install PuTTY, and get started.
- Downloading and Configuring Putty: A very helpful video by Michael Holtz Jr that will get PuTTY installed and configured on your machine. It also provides some nice tips for using the program.
There are many alternatives to PuTTY. In particular, OpenSSH is the standard SSH system on Unix machines. We’ve divided the alternatives up into the free and pay versions. In general, the pay versions are designed for enterprise users — but not always.
- ConnectBot: a SSH client for Android.
- Dropbear: a SSH client and server for Unix-based operating systems.
- lsh: the GNU Project’s SSH client and server.
- OpenSSH: the OpenBSD Secure Shell — the standard on Unix operating systems.
- PACManager: a SSH/FTP/Telnet session management tool for Linux.
- Tera Term: a Windows-based terminal emulator.
Although all of these programs cost money, many of them have 30-day trial versions that you can download.
- AbsoluteTelnet: a windows application that combines SSH and SFTP clients with various terminal emulators.
- Bitvise: a combined Windows SSH server and client .
- Private Shell: a full-featured Windows SSH client that includes SFTP and much more.
- PenguiNet: a Windows-based tabbed SSH client to maintain many connections at once.
- Reflection: a terminal emulator based on SSH.
- SecureCRT: a SSH client available for Windows, Mac, and Linux.
- Tectia SSH: the enterprise SSH system from the company that invented SSH.
- TN3270 Plus: a Windows telnet emulator that includes SSH security.
- Token2Shell: a Windows-based SSH client with extra features like seamless remote copying.
- Xshell: a Unix-based SSH terminal emulator.
- ZOC Terminal: a SSH terminal for Windows and Mac.
Non-Terminal SSH Applications
SSH is used in many other applications. It is most especially associated with FTP and other file transfer functions. But it is also used for more advanced functions like remote desktops and securing X-Windows systems.
- CRAX Commander: a proprietary Mac file manager that includes SSH and SFTP.
- Cryptzone MindTerm: a Java based library for including SSH into your own applications. They also offer a standalone program. It is free for personal and limited commercial use.
- FileZilla: a free FTP application (client and server) that supports SFTP as well as FTPS. If you do a lot of cloud computing, you may want to check out FileZilla Pro because it provides access to Amazon S3, Google Drive, Microsoft OneDrive, and many other resources.
- MobaTerm: an enhanced Xterm application with built in SSH. MobaTek offers a free home version and a reasonably priced professional edition.
- ProxyCap: a commercial application for controlling your use of proxy servers with native SSH support on Windows and Mac computers.
- SFTPPlus: a commercial enterprise file transferring system including SFTP and SCP both over SSH version 2.
- SmartFTP: a commercial Windows-based program primarily focused on file transfer, but including terminal emulation with SSH as well.
- CodePlex Terminals: a commercial remote desktop client, with quite a bit more.
- WinSCP: a free SSH based FTP for Windows, based on PuTTY.
For individuals, PuTTY is a great choice, because it is available on pretty much any computer you may be working on. But if you have special needs, there are lots of options available to you. Regardless, you will know that you can work in privacy.
SSH is a flexible communication protocol that can be used to create a secure communication tunnel between a local client application and a remote server. Once you’re familiar with SSH, you’ll be to use a variety of SSH client applications to securely work on a remote server with the same level of control that you would have if you had physical access to the server.
Further Reading and Resources
We have more guides, tutorials, and infographics related to the internet and web development:
Ultimate Guide to Web Hosting
If you are going to be transferring files around the internet, chances are you are going to be using one or more web servers. Check out our Ultimate Guide to Web Hosting. It will explain everything you need to know in order to make an informed choice.