What are SSH and SSH2?

The program SSH (Secure Shell) is a secure replacement for telnet and the Berkeley r-utilities (rlogin, rsh, rcp, and rdist). It provides an encrypted channel for logging into another computer over a network, executing commands on a remote computer, and moving files from one computer to another. SSH provides strong host-to-host and user authentication as well as secure encrypted communications over an insecure Internet.

SSH2 is a more secure, efficient, and portable version of SSH that includes SFTP, which is functionally similar to FTP, but is SSH2 encrypted. At Indiana University, UITS has upgraded its central systems to SSH2 (usually the OpenSSH version), and encourages those concerned with secure communications to connect using an SSH2 client.

Mac OS X comes with OpenSSH built in. For Windows, you will have to download a third party SSH client.

Note: SSH Secure Shell Client for Windows is no longer available for download from IUware or the SSH Communications Security web site. For alternative SSH and SFTP clients, see At IU, what SSH clients are supported and where can I get them?

When connecting to a server for the first time, SSH presents you with a host key fingerprint for that server and asks you to confirm that you wish to save the new host key to the local database. Before agreeing, you should compare this fingerprint with one you obtain by some other means (e.g., by telephone) from the server administrators to avoid connecting to an imposter server. To avoid this message the next time you connect, click Yes.

Rather than validating identities via passwords, SSH2 can also use public key encryption to authenticate remote hosts. For example, if you were to connect to a remote host called global.conspiracy.org (also running SSH2), SSH2 would use this system to verify that the remote system is the real global.conspiracy.org and not a computer set up to imitate it. If you wish, you can set up SSH2 to use public key authentication rather than passwords for logging into your other accounts, much like the Unix rlogin program. For more information on how to set up SSH and SSH2 to use public key authentication, see In SSH and SSH2 for Unix, how do I set up public key authentication?

You can find additional information on SSH and SSH2 at these sites:

• At IU, what SSH clients are supported and where can I get them?
  
  
• UITS SSH documentation
  
  
• employees.org SSH FAQ
  
  
• OpenSSH home page

Also see:

• In SSH and SSH2 for Unix, how do I set up public key authentication?
• For Unix, what are ssh-agent and ssh-add, and how do I use them?
• What is PGP, and how secure is it?
• At IU, what SSH clients are supported and where can I get them?
• For Mac OS, what is MacSSH, and where can I get it?
• From a Unix account, how do I connect to another shared computer?