This is the home page of the SSH (Secure Shell) protocol, software, and related information. SSH is a software package that enables secure system management and file transfers over insecure networks. It is used in almost every data center and every large enterprise.
This page was created by the inventor of SSH, Tatu Ylonen (twitter: @tjssh). He wrote ssh-1.x and ssh-2.x, and still works on related topics. The implementation of open-source OpenSSH is based on its free version.
The SSH protocol
The SSH protocol
uses encryption to secure the connection between a client and a server. All user authentication, commands, output, and file transfers are encrypted to protect against network attacks. For more information on how the SSH protocol works, see the protocol page. To understand the SSH file transfer protocol, see the SFTP page.
Download client software
Here you can find links to download several free SSH implementations. We offer several free SSH implementations to download and provide links to commercial deployments.
Download
-
PuTTY Download
SSH Clients List of SSH implementations Here we list several SSH
implementations
. Feel free to submit additional implementations for this page. For many implementations, we offer a review, installation instructions, guidance, and/or procedures on this site.
Tectia SSH client and server for Windows, Unix, Linux – with 24×7 support Tectia SSH for IBM z/OS client and
-
server for mainframes IBM z/OS – with 24×7 support
-
PuTTY
-
WinSCP
-
CyberDuck Client for Mac
-
OpenSSH Server for Unix, Linux
-
client alternatives Overview of alternatives
- Server
Alternatives to Windows
-
PrivX™ Privileged Access Management for Multiple Clouds
Client for Windows and Linux
Client for Windows
Overview of
SSH
Running and configuring SSH
This section contains links about using
, configuring, and managing SSH. Tectia SSH Manuals command-line options SSH SSH – The SSH server on Unix/Linux sshd_config – Server configuration file on Unix/Linux
-
ssh_config – Client configuration file on
-
Unix/
-
Linux
-
SSH
-
got that number
port, and how it
SSH
security
and attacks against it
The SSH protocol is believed to be secure against cryptographic attacks on the network, as long as the keys and credentials are properly managed. However, we do not recommend using the diffie-hellman-group1-sha1 key exchange. It uses a 768-bit Diffie-Hellman group, which may be breakable by today’s governments. Larger groups are probably fine. Recent versions of OpenSSH have disabled this group by default. See sshd_config to configure which key exchanges to use.
-
BothanSpy and Gyrfalcon Review: The CIA’s Alleged Hacking
-
Tools Man-in-the-middle attacks against
-
Imperfect forward secret: how Diffie-Hellman fails in practice
SSH
Automate with SSH keys, but manage them
SSH keys can be used to automate access to servers. They are commonly used in scripts, backup systems, configuration management tools, and by developers and system administrators. They also provide single sign-on, allowing the user to move between their accounts without having to type in a password each time. This works even across organizational boundaries, and is very convenient.
However, unmanaged SSH keys can become a major risk in larger organizations.
What
-
is an
-
Lifecycle Management mean
-
ssh-copy-id keys – Provision access
-
PrivX
-
On-Demand
-
Manager
SSH key What does Universal SSH
? SSH Key Manager ssh-keygen – Create
on authorized_keys servers –
Access
authorized key file format it can be used as an alternative to SSH keys, completely eliminating the need for permanent keys and passwords on servers.
History of the SSH
protocol
The Secure Shell protocol was originally developed by Tatu Ylonen in 1995 in response to a hacking incident on the Finnish university network. A password tracker had been installed on a server connected directly to the backbone, and when it was discovered, it had thousands of usernames and passwords in its database, including several from Ylonen’s company.
That incident prompted Ylonen to study cryptography and develop a solution that he could use himself for remote logging over the Internet securely. His friends proposed additional features, and three months later, in July 1995, Ylonen released the first version as open source. It became OpenSSH. He later took the protocol for standardization at the IETF and designed the SSH File Transfer Protocol (SFTP). He founded SSH Communications Security Corp in December 1995 to provide commercial support for the protocol.
Ylonen still works on issues related to Secure Shell, particularly around key management, as well as broader cybersecurity issues.
Today, the
protocol is used to manage more than half of the world’s web servers and virtually all Unix or Linux computers, on-premises and in the cloud. Information security specialists and system administrators use it to configure, manage, maintain, and operate most firewalls, routers, switches, and servers in the millions of networks and mission-critical environments of our digital world. It is also integrated into many file transfer and system administration solutions.
The new protocol replaced several legacy tools and protocols, including telnet, ftp, FTP/S, rlogin, rsh, and rcp.