SSH, or Secure Shell, is an application-layer network protocol that allows remote control of an operating system and tunnelling of TCP connections (e.g. for file transfers).
SSH makes remote control of the operating system secure, since it encrypts all traffic, including transmitted passwords. Different encryption algorithms can be chosen.
Besides remote control, SSH allows almost any network protocol to be carried safely across an unprotected network. Thus you can not only work remotely on the computer through a command shell, but also send an audio or video stream (e.g. from a webcam) over the encrypted channel, work with databases and other storage, and use any other protocol. SSH can also compress transmitted data before encrypting it, which is useful for remote clients running the X Window System.
SSH clients and servers are available for most network operating systems; an SSH client and server are usually preinstalled in Linux distributions.
SSH security
SSH security is based on relatively simple rules that can greatly reduce the risk of compromise:
- Prohibiting remote root login with a password.
- Blocking connections with a blank password, or disabling password login altogether (using keys).
- Choosing a non-standard port for the SSH server (the standard is 22).
- Using long SSH2 RSA keys (2048 bits or more) for authentication.
- Limiting the list of IP addresses from which access is allowed (for example, by blocking the port at the firewall level).
- Avoiding common or well-known system logins for SSH access.
- Blocking password brute-forcing attempts (for example, by banning the offending IP address).
- Regularly reviewing authentication error messages.
- Setting up intrusion detection systems (IDS).
- Using traps that spoof the SSH service (honeypots).
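The following script is an added example, not part of the original page, that turns the first rules in the list and the "review authentication errors" rule into something checkable. It audits an `sshd_config` text for the standard port, root login by password, blank passwords and password authentication, and counts failed-password attempts per source address in `auth.log`-style lines, which is the signal an IP-ban tool acts on. It assumes OpenSSH keyword names and current OpenSSH defaults (`Port 22`, `PermitRootLogin prohibit-password`, `PermitEmptyPasswords no`, `PasswordAuthentication yes`); treating a missing `AllowUsers`/`AllowGroups` allowlist as a finding is this example's own interpretation of the "avoid well-known logins" rule. The configuration and log lines are constructed samples using documentation IP addresses, not data from any real host.

```shell
#!/bin/sh
# Constructed sample sshd_config with the weak settings the list warns about.
SAMPLE_SSHD_CONFIG='# constructed sample, not a real host
Port 22
PermitRootLogin yes
PasswordAuthentication yes
PermitEmptyPasswords yes
#AllowUsers admin
'

# The same file after applying the rules above (constructed sample).
HARDENED_SSHD_CONFIG='Port 2222
PermitRootLogin no
PermitEmptyPasswords no
PasswordAuthentication no
PubkeyAuthentication yes
AllowUsers alice bob
'

# Constructed auth.log lines: one noisy source and one legitimate key login.
SAMPLE_AUTH_LOG='Mar  3 10:01:02 host sshd[1234]: Failed password for invalid user admin from 203.0.113.45 port 51234 ssh2
Mar  3 10:01:05 host sshd[1234]: Failed password for invalid user oracle from 203.0.113.45 port 51240 ssh2
Mar  3 10:01:09 host sshd[1234]: Failed password for root from 203.0.113.45 port 51250 ssh2
Mar  3 10:02:30 host sshd[1300]: Failed password for alice from 198.51.100.7 port 40000 ssh2
Mar  3 10:02:41 host sshd[1300]: Accepted publickey for alice from 198.51.100.7 port 40002 ssh2'

# sshd_config semantics: keywords are case-insensitive, "#" starts a comment,
# and the first occurrence of a keyword wins. Print its value or the default.
sshd_get() {  # $1 = config text, $2 = keyword, $3 = default when absent
    printf '%s\n' "$1" | awk -v key="$2" -v def="$3" '
        { sub(/#.*/, "") }
        NF >= 2 && tolower($1) == tolower(key) { print $2; found = 1; exit }
        END { if (!found) print def }'
}

# Audit the rules from the list; print one finding per line.
audit_sshd_config() {  # $1 = sshd_config text
    cfg=$1
    case $(sshd_get "$cfg" Port 22) in
        22) echo "Port: sshd listens on the standard port 22" ;;
    esac
    # "prohibit-password" / "without-password" still allow key-based root login, only "yes" allows a password.
    case $(sshd_get "$cfg" PermitRootLogin prohibit-password | tr 'A-Z' 'a-z') in
        yes) echo "PermitRootLogin: remote root login with a password is allowed" ;;
    esac
    case $(sshd_get "$cfg" PermitEmptyPasswords no | tr 'A-Z' 'a-z') in
        yes) echo "PermitEmptyPasswords: accounts with a blank password may log in" ;;
    esac
    case $(sshd_get "$cfg" PasswordAuthentication yes | tr 'A-Z' 'a-z') in
        yes) echo "PasswordAuthentication: password login is enabled; prefer key-only authentication" ;;
    esac
    # Example's own interpretation of "avoid well-known logins": require an explicit allowlist.
    if [ -z "$(sshd_get "$cfg" AllowUsers '')" ] && [ -z "$(sshd_get "$cfg" AllowGroups '')" ]; then
        echo "AllowUsers/AllowGroups: no login allowlist, so any system account may attempt to log in"
    fi
}

# Number of findings, for scripting and for the checks below.
count_findings() {  # $1 = sshd_config text
    audit_sshd_config "$1" | wc -l | tr -d ' '
}

# Sources with at least $2 "Failed password" lines: the input an IP-ban tool uses.
brute_force_sources() {  # $1 = auth log text, $2 = threshold
    printf '%s\n' "$1" | awk -v thr="$2" '
        /Failed password/ {
            for (i = 1; i <= NF; i++) if ($i == "from") ip = $(i + 1)
            n[ip]++
        }
        END { for (ip in n) if (n[ip] >= thr) print ip, n[ip] }' | sort
}

echo "== sample config =="
audit_sshd_config "$SAMPLE_SSHD_CONFIG"
echo "findings: $(count_findings "$SAMPLE_SSHD_CONFIG")"
echo "== hardened config =="
echo "findings: $(count_findings "$HARDENED_SSHD_CONFIG")"
echo "== sources with 3 or more failed passwords =="
brute_force_sources "$SAMPLE_AUTH_LOG" 3
```

The parser deliberately ignores `Match` blocks and `Include` directives, so on a real host feed it the effective configuration printed by `sshd -T` rather than the raw file. The threshold in `brute_force_sources` is the same knob a ban tool exposes; the rule about reviewing authentication errors is what catches sources that stay just below it.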