SSH (Secure Shell) is a cryptographic network protocol that provides a secure channel over an unsecured network. It is the standard method for remotely administering Linux servers, transferring files (SFTP), and tunnelling other protocols securely.
What SSH Replaces
SSH was created in 1995 to replace insecure protocols: Telnet (plain-text remote login), rlogin and rsh. All previous protocols sent data including passwords in clear text.
SSH Authentication Methods
- Password — Simple but vulnerable to brute-force attacks. Disable this on production servers if possible.
- SSH Key Pair — Generate a public/private key pair. Store the private key on your machine; place the public key on the server. Authentication is cryptographic — no password needed and far more secure.
Common SSH Use Cases
- Logging in to a remote server:
ssh [email protected] - Running commands on a remote server.
- Transferring files via SFTP.
- Setting up SSH tunnels and port forwarding.
- Git operations over SSH (GitHub, GitLab).
Default Port
SSH listens on port 22 by default. Changing the default port can reduce automated brute-force attempts but is security through obscurity — pair it with a strong firewall and key-based authentication.