Secure Shell (SSH)
Secure Shell or SSH is a network protocol that allows data to be exchanged using a secure channel between two networked devices.
Very common on Unix-based systems, it is used as a secure replacement for Telnet, as it allows remote access to a computer through a secure shell.
A client connecting to an SSH server will have shell access on the server in a secure way.
By means of public keys, SSH can enforce authentication for both client and server.
Moreover, it is also used for tunneling, port forwarding and secure file transfer.
An SSH server, by default, listens on TCP port 22.
SSH allows one to tunnel any protocol within a secure channel. You can do so for instant messaging protocols, mount remote hard drives and so on.
To create an SSH tunnel, an SSH client is configured to forward a specified local port to a port on the remote machine.
Traffic to the local port (SSH client) is forwarded to the remote host (SSH server). The remote host will then forward this traffic to the intended target host.
The traffic between SSH client and server will be encrypted.
SSH tunnels provide a means to bypass firewalls that prohibit certain internet services, provided that outgoing connections are allowed.
Corporate policies and filters can be bypassed by using SSH traffic.
Scenario: Imagine being in a hotel or being connected to internet through an open insecure wireless connection.
You can establish a secure connection to your home PC with a simple command:
ssh -L 3000:homepc:23 bob@sshserver
With this command, all the traffic sent to localhost's port 3000 will be forwarded to the remote host on port 23 through the tunnel.
Description:
-L is used to initiate a tunnel
3000:homepc:23 is localport:remotehost:remoteport
bob@sshserver is username@sshserver
You can also use telnet to connect to your home PC safely: a connection made to localhost's port 3000 will automatically be routed to your home PC through the SSH tunnel.
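An added example (not from the original page): a small Python parser for the -L argument format described above, extended to the optional bind address and bracketed IPv6 hosts that OpenSSH also accepts. It flags forwards that other machines can reach and targets on cleartext ports, since only the leg between SSH client and server is encrypted. The port list, function names and sample command lines are assumptions made for this illustration.

```python
import shlex

# Assumption for this example: forward targets on these ports carry cleartext protocols.
CLEARTEXT_PORTS = {21: "ftp", 23: "telnet", 80: "http"}
LOOPBACK = {"localhost", "127.0.0.1", "::1"}


def split_spec(spec):
    """Split on ':' but keep bracketed IPv6 literals such as [::1] in one piece."""
    parts, buf, in_brackets = [], "", False
    for ch in spec:
        if ch in "[]":
            in_brackets = ch == "["
        elif ch == ":" and not in_brackets:
            parts.append(buf)
            buf = ""
        else:
            buf += ch
    parts.append(buf)
    return parts


def parse_local_forward(spec):
    """Parse '[bind_address:]localport:remotehost:remoteport' (the -L argument)."""
    parts = split_spec(spec)
    if len(parts) == 3:
        parts = [None] + parts  # bind address omitted: ssh binds to loopback by default
    if len(parts) != 4:
        raise ValueError(f"unsupported -L spec: {spec!r}")
    bind, lport, rhost, rport = parts[0], int(parts[1]), parts[2], int(parts[3])
    return {
        "bind": bind, "local_port": lport, "remote_host": rhost, "remote_port": rport,
        # An explicit empty or '*' bind address, or any non-loopback one, lets other
        # machines on the local network use the tunnel.
        "exposed": bind is not None and bind not in LOOPBACK,
        "cleartext_target": CLEARTEXT_PORTS.get(rport),
    }


def forwards_in_command(cmdline):
    """Return every -L forward on one ssh command line ('-L spec' or '-Lspec')."""
    args = shlex.split(cmdline)
    found = []
    for i, arg in enumerate(args):
        if arg == "-L" and i + 1 < len(args):
            found.append(parse_local_forward(args[i + 1]))
        elif arg.startswith("-L") and len(arg) > 2:
            found.append(parse_local_forward(arg[2:]))
    return found


# Constructed sample: the forward described on the page, and a variant bound to all interfaces.
SAMPLES = ["ssh -L 3000:homepc:23 bob@sshserver", "ssh -N -L*:8080:[::1]:80 bob@sshserver"]
```

Bundled short options (for example -NfL) and Unix-socket forwards are outside what this parser handles; the latter raise ValueError.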