SSH Protocol
Overview:
SSH is the
abbreviation of The Secure SHell. SSH operates over TCP
connections, usually to port 22. Secure Shell is a program to log
into another computer over a network, to execute commands in
a remote machine, and to move files from one machine to another.
It provides strong authentication and secure communications over
insecure channels. It is a replacement for telnet, rlogin, rsh,
rcp.
SSH protects a network from attacks such as IP spoofing, IP
source routing, and DNS spoofing. An attacker who has managed to
take over a network can only force ssh to disconnect. He or she
cannot play back the traffic or hijack the connection when
encryption is enabled.
The SSH-2 protocol is described in the following five main
documents.
SSH
Protocol Architecture
Describes the overall design of SSH-2.
SSH
Transport Layer Protocol
Provides a single, full-duplex,
byte-oriented connection between client and server, with privacy,
integrity, server authentication, and man-in-the-middle
protection.
SSH
Authentication Protocol
Identifies the client to the server.
SSH
Connection Protocol
Provides richer, application-support
services over the transport pipe, such as channel multiplexing,
flow control, remote program execution, signal propagation,
connection forwarding, etc.
SSH
Assigned Numbers
Gathers together and lists various constant assignments
made in the other drafts.
References:
What's
the difference between versions 1 and 2 of the SSH protocol?