SSH 1
SSH is based on client server model:
- server (SSHD)
- clients (scp,sftp,ssh)
Why SSH:
SSH with it's sub-system (scp , sftp ) is instead of (telnet , ftp , rcp ), and protocols that run these program are unsecured.
Telnet for example use unsecured channel to connect with another computer , so , man in the middle attack can intercept telnet messages and can get sensitive information such as (user name and password) .
you can try it , use telnet to connect to another computer in your network then use a sniffer program such as (wire shark or TCP dump)you will see every message between computers.
So , we using ssh to securing connections and can copy files and sending commands between networks securely .
SSH uses asymmetric key mechanism to authenticate and securing the connection .
asymmetric key or public-key cryptography mechanism:
It's consist of two pairs of keys , public key and private key.
- sender side:
- receiver side:
This mechanism is uses in SSH
- SSH generates public and private keys
- keys located in ~/.ssh/
id_rsa.pub ---> public key and can copy to another computer to connect with SSH server (SSHD).
- public key can be copied to another computer by using command ssh-copy-id
SSH also contains sub-systems (scp , sftp )
- scp use to copy a file in a secure channel (secured by ssh).
- sftp use instead of ftp to transfare file between 2 computers securely.