Understanding SSH - a Quick Note

About: This article acts as a quick reference to brush up the basics of SSH.

In today’s digital age, remote connections are essential. Whether you’re managing cloud servers, deploying software, or accessing data from afar, you need a secure and reliable way to do so. That’s where SSH comes in.

SSH (Secure Shell) is a protocol that ensures your connection is encrypted, authenticated, and tamper-proof when you’re accessing remote machines. But what makes SSH so crucial and widely used today? Let’s dive in and break it down!

A little history: SSH was created as a replacement for insecure protocols such as Telnet and the Berkeley “r-commands” (rlogin, rsh and the like). SSH encrypts all data transmissions, preventing eavesdropping through full encryption and session hijacking through integrity checks (message authentication codes) on every packet.

It’s like having a secret language that only you and the server understand. Even if someone were to intercept the data, it would be gibberish to them. Let’s look at how it works.

How Does SSH Work?

At its core, SSH creates a secure tunnel between two systems. Here’s how it typically flows:

1. Connection Initialization: The SSH client initiates a connection to the server. The two exchange protocol versions and begin negotiating encryption methods. Technically, the sshd service on the server listens for incoming connections.

2. Authentication: The server authenticates the user through various methods (password, key-based, etc.).

3. Encrypted Communication: Once authenticated, the entire session is encrypted, ensuring that all data exchanged is safe.

Main Components of SSH

1. sshd (SSH Daemon): server-side process that listens for and manages incoming SSH connections.

2. ssh (Client): command-line tool used to initiate connections to remote servers using the SSH protocol.

3. scp (Secure Copy): tool used to securely transfer files between systems over SSH.

4. sftp (SSH File Transfer Protocol): Provides secure file transfer over SSH, replacing FTP without requiring a separate port.

5. slogin: A client used for remote logins, replacing rlogin.

SSH Protocol Versions

SSH1: The original version with some security limitations.

SSH2: An improved version with enhanced encryption and security features, including support for Certificate Authority (CA)-validated keys.
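As an added example (not part of the original note), here is a small Python parser for the identification line that client and server exchange in the connection-initialization step, following RFC 4253 section 4.2; it also reports whether the advertised protocol version is SSH2 (the value "1.99" is how an SSH2 server signals compatibility with SSH1 clients). The sample server output is constructed.

```python
import re

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments CR LF",
# at most 255 bytes including CR LF; a server may send other lines first.
_ID_LINE = re.compile(r"^SSH-(?P<proto>[^-]+)-(?P<software>\S+)(?: (?P<comments>.*))?$")


def parse_identification(data: bytes) -> dict:
    """Parse the first identification line in a server's opening bytes,
    skipping any pre-banner lines (which must not begin with 'SSH-')."""
    for raw in data.split(b"\n"):
        if not raw.startswith(b"SSH-"):
            continue  # informational text sent before the version line
        if len(raw) + 1 > 255:  # +1 for the LF we split on
            raise ValueError("identification line exceeds 255 bytes")
        line = raw.rstrip(b"\r").decode("ascii")
        m = _ID_LINE.match(line)
        if not m:
            raise ValueError("malformed identification line: %r" % line)
        proto = m.group("proto")
        return {
            "protoversion": proto,
            "softwareversion": m.group("software"),
            "comments": m.group("comments"),
            # "2.0" is SSH2; "1.99" is an SSH2 server that also speaks SSH1
            "ssh2": proto in ("2.0", "1.99"),
        }
    raise ValueError("no identification line found")


# Constructed sample of what a server might send first: a pre-banner line,
# then the identification line.
SAMPLE_SERVER_OPENING = (b"Unauthorized access prohibited\r\n"
                         b"SSH-2.0-OpenSSH_9.6 sample-comment\r\n")
```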

Security Features

1. Encryption: SSH encrypts the entire communication session, using algorithms such as AES or ChaCha20 to ensure confidentiality.

2. Authentication:

Password-based: Standard username and password login.

Public Key Authentication: Users authenticate using a pair of cryptographic keys. The private key remains on the client, while the public key is placed on the server. Use ssh-keygen to generate the key pair and ssh-copy-id to install the public key on the server.

Kerberos v5 and other authentication mechanisms can also be supported.

3. Host Keys

When you first connect to a server using SSH, the server sends you its host key, which your SSH client stores. In future connections, your client compares the server’s host key to the stored one to ensure you’re connecting to the right machine. This protects you from man-in-the-middle attacks, where an attacker tries to intercept your connection by posing as the server.

SSH Tunneling: Securing Other Protocols

SSH isn’t just for accessing remote servers: it can also tunnel other kinds of traffic securely. Tunneling allows you to route non-SSH traffic (HTTP, database connections, etc.) through an SSH connection.

Types of Tunnels:

1. Local Forwarding: You forward traffic from a local port on your machine to a remote server over SSH. This is useful if you’re trying to access a service (like a database or web app) that is only available on the remote server’s local network.

Example: Securely connect to a remote MySQL database by forwarding its port to your local machine.

ssh -L 3306:localhost:3306 user@remote_server

2. Remote Forwarding: Traffic from the remote server is forwarded back to your local machine. This is handy if you want someone on a remote server to access a service running on your local machine.

Example: Let a remote server access a web server running locally on your computer.

ssh -R 8080:localhost:80 user@remote_server

SSH Subsystems

SSH supports subsystems, allowing you to run specific services through the SSH connection. The most common one is SFTP, but others can be defined as needed.

1. SFTP (Secure File Transfer Protocol)

SFTP provides a secure way to transfer files between systems. It offers the functionality of FTP but runs over the secure SSH protocol, meaning all data, commands, and passwords are encrypted.

sftp user@server

2. Chrooted SFTP

In a chrooted SFTP setup, users are restricted to a specific directory on the server. This is essential when dealing with untrusted users or clients, as it prevents them from accessing files outside of their designated directory.

SSH Agent: Simplifying Key Management

If you use SSH keys regularly, entering your passphrase to unlock the private key can get tedious. SSH Agent solves this problem by keeping your decrypted private key in memory. This allows you to authenticate without repeatedly entering your passphrase.

SSH Agent and Key Management

The ssh-agent manages private keys and allows users to securely store decrypted private keys in memory for easier access. Using ssh-add, users can load private keys into the agent for automatic authentication.

You can start the SSH agent and load a key like this:

eval $(ssh-agent)
ssh-add ~/.ssh/id_rsa

This adds your private key to the agent, so subsequent logins happen automatically.

Some more advanced features that boost productivity:

1. SSH Key Forwarding

Let’s say you’re connecting to multiple servers, one after another. SSH Key Forwarding (more precisely, agent forwarding) allows you to use your local machine’s SSH keys, held by ssh-agent, without copying them to every server. This is helpful for “hopping” between systems in secure environments. Note that any host you forward to can use your agent for as long as you are connected, so forward only to hosts you trust; for plain multi-hop access, the ProxyJump option below achieves the hop without exposing the agent to the intermediate host.

To enable key forwarding:

ssh -A user@server

2. ProxyJump and ProxyCommand

In more secure setups, you might need to connect to a server through a bastion host (an intermediate server). Instead of connecting to the bastion and then to the final server manually, SSH can chain the hops for you with the ProxyJump option:

ssh -J bastion user@final_server

Alternatively, older versions of SSH use ProxyCommand:

ssh -o ProxyCommand='ssh bastion -W %h:%p' user@final_server

Caveats and Pitfalls

Like any tool, SSH has its quirks:

Host Key Mismatch: If a server’s host key changes (e.g., the server is rebuilt), SSH will warn you that the host key is different. This is a red flag: confirm through another channel that the key really changed, so you’re not falling victim to a man-in-the-middle attack. If you know the key has changed, you’ll need to remove the old entry from your known_hosts file:

ssh-keygen -R server_ip
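As an added example (not from the original note), the following Python reproduces the known_hosts check the client performs, as described in the Host Keys section: it reads plain and hashed (HashKnownHosts yes) entries, honours @revoked markers, and reports a match, a mismatch (the situation that produces the warning above) or an unknown host. All keys, salts and entries are constructed placeholders, not real keys.

```python
import base64
import hmac
import struct

def ssh_string(data: bytes) -> bytes:
    """Length-prefixed string, the building block of OpenSSH public-key blobs."""
    return struct.pack(">I", len(data)) + data

# Constructed sample keys (placeholder bytes, not real keys), encoded as they
# appear in known_hosts: base64(string "ssh-ed25519" + string key_bytes).
SAMPLE_KEY_B64 = base64.b64encode(ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))).decode()
OTHER_KEY_B64 = base64.b64encode(ssh_string(b"ssh-ed25519") + ssh_string(bytes(32))).decode()
SALT = bytes(range(20))  # constructed; OpenSSH picks a random 20-byte salt

def hashed_host(host: str, salt: bytes) -> str:
    """Host field written by HashKnownHosts yes: |1|salt|HMAC-SHA1(salt, host)."""
    mac = hmac.new(salt, host.encode(), "sha1").digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def host_matches(pattern: str, host: str) -> bool:
    """Match a plain or comma-separated host field, or a hashed one."""
    if pattern.startswith("|1|"):
        _, _, salt_b64, mac_b64 = pattern.split("|")
        mac = hmac.new(base64.b64decode(salt_b64), host.encode(), "sha1").digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    return host in pattern.split(",")

def check_host_key(known_hosts: str, host: str, key_type: str, key_b64: str) -> str:
    """Return 'match', 'mismatch', 'revoked' or 'unknown' for a presented host key."""
    for line in known_hosts.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        marker = None
        if fields[0].startswith("@"):
            marker, fields = fields[0], fields[1:]
        if marker == "@cert-authority" or len(fields) < 3:
            continue  # CA entries vouch for host certificates, not raw keys
        hosts, ktype, stored_b64 = fields[:3]
        if ktype == key_type and host_matches(hosts, host):
            if not hmac.compare_digest(stored_b64, key_b64):
                return "mismatch"  # what makes ssh print its host-key warning
            return "revoked" if marker == "@revoked" else "match"
    return "unknown"

# Constructed sample known_hosts: a plain entry, a hashed entry and a revoked key.
KNOWN_HOSTS = "\n".join([
    "db.internal,10.0.0.5 ssh-ed25519 " + SAMPLE_KEY_B64,
    hashed_host("bastion.example", SALT) + " ssh-ed25519 " + SAMPLE_KEY_B64,
    "@revoked old.example ssh-ed25519 " + OTHER_KEY_B64,
])
```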

Firewall Issues: Some firewalls perform stateful inspection of SSH traffic, which can block connections if they detect anything they consider suspicious, such as changed host keys.

Final Thoughts

I have personally experienced the power of these SSH utilities in depth, in my product software development, validation and other utility tasks; they actively contribute to my day-to-day productivity, and thereby to our company's revenue!!!