Web Hosting in Pakistan

How Does SSH Work? (Complete Guide for Beginners)

Is another technical term driving you crazy? Don’t worry. We understand the technological words could be haunting for beginners. This is why we have explained SSH in detail here in this post.

What is SSH?

Secure Shell, abbreviated as SSH, is a remote control through which you can administer your remote servers. All the communication between your computer and your remote server is encrypted using cryptographic techniques. 

SSH authenticates the offsite user before getting the inputs and transferring the output back to the client, thus ensuring a secure connection.

You can consider it a replacement for the unencrypted Telnet.


What does an SSH do?

An SSH establishes a secure connection. So, you can get into your remote server through SSH directly if you are a Linux or Mac Users. But the Windows users need third-party applications to perform this function.


You can give the commands to your server just like you would do to your physical computer. Thus, reducing the distance between you and your remote server.


Three parts of SSH command:

Here is an SSH command through which you can ensure safe access to your remote server:

ssh {user}@{host}

SSH signifies the first part of the command and instructs the computer you want to open an SSH or Secured Shell Connection.

User is the second part of the command that guides the system about the user that you want to access. One of the primary user types is the root user (administrator). Such users have all the rights to modify everything on the server.

Host, which is the last part of the command, signifies the system you want to access. Usually, it is either an IP address or a domain name.


How does it work?

Once you have provided the command to the system, you’ll have to hit enter. This is when you’ll be asked to enter the relevant password. The wonderful thing is that the password being typed won’t show up on the screen but will be transmitted to the other end.

So, when you have typed the password, hit enter again. If the passcode would be correct, a terminal remote window will greet you. It means that you have proven your identity as an authentic user.


Use of Three types of Encryption:

An SSH connection uses three different types of encryption. These include:

Symmetrical Encryption:

In this type of encryption, a unique passkey or code helps in the encryption and decryption of the message. Mostly, there is a single key, which is used by both parties. In some cases, a pair of interlinked keys to one another can also be used.

In this method, the key is never shared between the web host and the users; instead, both the parties derive their keys using the public pieces of data and key exchange algorithm. The resultant key Is never shared with any third party, so there is no risk f any intervention in the communication during an SSH session.

However, a particular key is for a single session only; and it is generated before the client authentication, so the password being typed by the user is also safe and inaccessible by the third party.

You can find multiple symmetrical ciphers to use between the machines. There is a list of recommended ciphers available depending upon the devices that are communicating.

Asymmetric Encryption:

There are two different keys for encryption and decryption. One of the keys is the public key, whereas the other one is the private key. Both the keys work in pairs and are known as public-private key pairs.

The public key, in this case, is openly shared, but the private key is kept secret. However, both the keys are functionally related to one another. But it is impossible to calculate the private key from the public key mathematically. It ensures the safety of the communication.

Additionally, the connection between the public and private key can also be regarded as complex, which means that for the decryption of a particular message, it has to use the private key from the same machine from which the message has been encrypted (using the public key). All these measures make Asymmetric Encryption efficient.

How is asymmetrical encryption different from the symmetrical one? In Asymmetric encryption, the encryption process does not last for the entire session; instead, its span is quite limited and works only during the key exchange algorithm process.

Once the private shared key is generated, the role of asymmetric encryption isn’t actively required.


the third form of encryption that becomes an integral part of the SSH connection is hashing. This encryption form so never meant for decryption. For each input, a fixed-length code is generated with no trails or signs of similarity. This makes the recreation of the original key impossible. 

This encryption method is utilized to ensure the authenticity of the messages. It checks that the command being received has not been tampered with in any way and is from genuine users.

How does SSH use these encryption methods?

A client-server model is the crux of the host and the user communication, which ensures the encryption of the data and messages between them.

TCP Port22 is the one on which the SSH operates. It is the same port on which the server listens or gets command. A secure connection is established between the host and the server. Besides, it also organizes the SSH connection and opens the correct SSH window.

To begin a particular SSH Connection, it is essential to perform a handshake with the server. This is done using symmetric encryption technology. Agreeing upon the encryption standards and verifying the user credentials are the two steps for establishing a connection.

The underlying process for the performance of the authentication of the system and users' verification is complex. In the last stage of this process, the authentication of the user takes place through asymmetric encryption.

Summing up:

By understanding the SSH technology in detail, you can get a better idea of the security of your connection with the remote server. Thus, making you comfortable while using this technology. As discussed earlier, it uses three different techniques for encryption, so there is no chance that your messages or passwords could be hacked.

Also Read: Website Ideas to make money