A Brief Intro to SSH

It’s not unusual to stumble upon the terms SSH and be a bit perplexed as to just what it is, how it works and what all the files and command line tools are for.

This post will briefly cover some of that!

Table of Contents

Overview

SSH stands for Secure Shell and is a communication protocol that is characterized by encrypting communication between two ends.

It’s most commonly used to securely remote-login to a server and execute some commands, move data between servers, etc. There is multiple software that implement the SSH protocol, one of the most widely used being OpenSSH and is the one that comes pre-installed with Ubuntu for instance.

Some other noteworthy points:

  • SSH uses a client-server model
  • Two major versions released SSH-1 & SSH-2
  • Standard TCP port 22
  • Private key, also called an identity key, is a key that only you should have access to
  • Public key, also known as an authorized key, is a key that is used to prove the identity and is not secret
  • Identity keys and Authorized keys are jointly called User Keys.

Tools and Files

There are a lot of CLI tools and files associated with SSH, some of them are:

Tools

  • ssh-keygen: creates a key pair for public key authentication
  • ssh-copy-id: configures a public key as authorized on a server
  • ssh-agent: agent to hold private key for single sign-on
  • ssh-add: tool to add a key to the agent
  • scp: file transfer client with RCP-like command interface (uses the Secure Copy Protocol)
  • sftp: file transfer client with FTP-like command interface (uses the SSH File Transfer Protocol)
  • sshd: OpenSSH server

Files

  • ~/.ssh/known_hosts: file containing list of known hosts, each server contains a host key so next time you connect, it can verify you are connecting to the same server
  • ~/.ssh/id_<algorithm>: private key (default naming), algorithm can for instance be RSA, DSA, ECDSA
  • ~/.ssh/id_<algorithm>.pub: public key (default naming)
  • ~/.ssh/authorized_key: list of public keys which can be used to login to the server, usually located at root-owned locations (should only be writable by owner and root)
  • /etc/ssh/ssh_host_<algorithm>: Private host keys stored on SSH servers
  • /etc/ssh/ssh_host_<algorithm>.pub: Public host keys are stored on and/or distributed to SSH clients