What is SSH?
Ever think about how free and open the Internet is sometimes? All this information going back and forth at such a rapid pace, used for things like running the world’s most powerful financial firms to letting you watch The Mandalorian on demand (Season 2 hype!). While all this information flows from one computer to the next, one can only wonder how to use that information maliciously. I have some Bitcoin in an online exchange and have used it to purchase various online services. Imagine if someone out there is monitoring the website I used to purchase a service. In an unsecured transmission between my computer and the website’s server, that person can look at a purchase I made and see the code needed to withdraw my Bitcoin into their account. So how are these “transmissions” secured?
I want to start off by saying that this is kind of similar to what I talked about previously about password hashing. This is on a much greater scale, though.
Okay, so what’s SSH?
Naturally, you’ll want every interaction you have with the Internet to happen securely, in a way that no one can pluck at some sensitive piece of information from someplace you’re connecting to and then ruin your whole life. SSH is a protocol, just like HTTP and FTP. A protocol is a sort of language that allows machines to talk to each other. There’s a set standard of how data is formatted and machines that use that set standard can communicate with other machines using the same one. So to basically re-iterate, SSH is a protocol that allows shells to talk to each other securely.
What’s the difference between SSH and other protocols?
You’ve definitely seen HTTP mentioned everywhere on the Internet. Why is it always in front of URLs? Well, HTTP is the protocol that a web browser uses to talk to a server, not like how the shell of a machine would talk to another shell. HTTP isn’t used for a remote connection to another computer, for example.
How does it exactly work?
Remember encryption and hashing from earlier? That’s pretty much the foundation of SSH. If a machine wants to connect to another machine, those two machines must have two “keys” generated by SSH for that session. There is a public key, and a private key. The public key is the key that machines share to each other and the private key, which you can guess is to NOT be shared at all, checks to see if the public key matches. If the public key matches the private key, access is granted to the user and they don’t need to enter a password, although private keys can be password-protected if you want to (and you should!).
This is not entirely secure, though. Someone can still dupe themselves as the client or host and tamper with the messages. This is where hashing comes in. You run the MAC through a hashing function and send it to the other machine. MAC stands for Message Authentication Code and is generated from the keys, the packet sequence number, and the message itself. The message is then run through the same hash function on the other end and boom, you got your message!
