The SSH (Secure Shell) protocol, which is used for encrypted data transmission, uses port 22 and provides remote control and management of a machine over a remote connection.
What is SSH?
SSH, or Secure Shell, is a remote management protocol that allows users to control and modify their remote servers over the Internet. This protocol was created as a secure replacement for unencrypted Telnet and uses encryption techniques to ensure that all communications to the remote server are encrypted.
SSH is also the name of the program that implements the protocol and is used to access remote machines over the network. It allows us to fully manage the computer through a command interpreter and can also redirect X traffic to run graphical programs if we have a working X Server (on Unix and Windows systems).
In addition to connecting to other devices, SSH allows us to securely copy data (both single files and simulated encrypted FTP sessions), manage RSA keys to avoid typing passwords when connecting to devices, and pass the data of another application through its channel.
SSH works in the same way as Telnet. The main difference is that SSH uses encryption techniques that make the information travelling over the medium unreadable, so no third party can discover the username and password of the connection or what was written during the session; with replay attacks, however, it is possible to attack such systems and thus change the information between the targets.
At first there were only the r-commands, based on the rlogin program, which worked similarly to Telnet.
The first version of the protocol and program was free and was created by a Finn named Tatu Ylönen, but its license was later changed and the company SSH Communications Security appeared, which offered it free for local and academic use but demanded payment from others.
It was proposed as a draft at the IETF in 1997 (two years after the first version was created).
In early 1999, work started on a version from OpenBSD that would become an excellent application called OpenSSH.
SSH allows the user to authenticate using the normal Unix password. The only (and important) difference is that the password never travels over the network in clear text. If we use SSH to replace telnet, rlogin or FTP, we will prevent our password from being captured by potential “sniffers” on the network.
On the other hand, we will continue to be vulnerable to “dictionary attacks” against the password: if an attacker has access to the /etc/passwd file, it is not difficult to find passwords made up of words that may appear in a dictionary. This means that it is extremely important for the administrator to properly protect the /etc/passwd file and for users to use “secure” passwords (as random as possible, combining upper case, lower case, numbers, and punctuation).
Public key authentication
The second authentication alternative uses a public/private key scheme, also known as an asymmetric key. This scheme uses a pair of keys:
1. A public key that is copied to all servers we want to connect to.
2. A private key that only we hold; for additional security, this key is encrypted with a password.
These two keys have an important feature: Text encrypted with a public key can only be decrypted using a private key, while text encrypted with a private key can only be decrypted using a public key.
Let’s see how this feature is applied to the authentication process:
1. The server sends us a message that we need to return encrypted with our private key.
2. The server decrypts the reply message with our public key.
3. The server compares the message obtained with the original text; if they match, the server considers us correctly authenticated.
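The exchange above, modelled with the openssl command-line tool as an added example (not code from the original article, and not how the ssh program itself is invoked): "encrypting with the private key" is what tools call signing, and the server checks the result with the stored public key. The function and file names are assumptions of this example, and the key is left unencrypted only so the demo runs unattended.

```sh
#!/bin/sh
# Added example: challenge-response authentication with a key pair.

# Client, once: create a key pair; the public half is what the server stores.
make_keypair() {    # $1 = private key file, $2 = public key file
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1" 2>/dev/null &&
    openssl pkey -in "$1" -pubout -out "$2"
}

# Server: issue a fresh random challenge for every login attempt.
new_challenge() {   # $1 = challenge file
    openssl rand -hex 32 > "$1"
}

# Client: sign the challenge with the private key.
respond() {         # $1 = private key, $2 = challenge, $3 = response file
    openssl dgst -sha256 -sign "$1" -out "$3" "$2"
}

# Server: check the response using only the stored public key.
verify() {          # $1 = public key, $2 = challenge, $3 = response file
    [ "$(openssl dgst -sha256 -verify "$1" -signature "$3" "$2" 2>/dev/null)" \
        = "Verified OK" ]
}

# One full exchange, then a check that an old response is rejected when the
# server issues a new challenge. Returns 0 only if both behave as expected.
demo() {
    d=$(mktemp -d) || return 1
    make_keypair "$d/client.key" "$d/client.pub" || return 1
    new_challenge "$d/c1" && respond "$d/client.key" "$d/c1" "$d/r1"
    verify "$d/client.pub" "$d/c1" "$d/r1" || return 1             # accepted
    new_challenge "$d/c2"
    if verify "$d/client.pub" "$d/c2" "$d/r1"; then return 1; fi   # stale response
    rm -rf "$d"
}

demo && echo "valid response accepted, stale response rejected"
```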
Of course, this whole process is transparent to the user; we only need to worry about typing the password when the program requests it. The weakest point of this scheme is how to get our public key to the server. Currently, there is no automated way to do this, and there is no other way than to do it manually.
The main advantage of this authentication method is that even if an attacker manages to compromise the server, they can only access our public key, never our private key. However, the private key must be protected with an appropriate password so that the security of the client is not compromised. In this way, no one can use the key even if they somehow manage to obtain it.
When connecting from a Unix machine, a secondary advantage is that an authentication agent can be used to avoid typing the password on each connection.
The major drawback of public-key authentication is the preconfiguration phase, which can be a bit cumbersome. Steps to follow are:
1. Creation of keys.
2. Propagation of the public key.
3. Selection of the key pair.
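The three steps as shell functions, given as an added example rather than code from the original article; the function names, key path and user@host argument are placeholders. The ed25519 key type is this example's choice (the article mentions RSA keys), and the second function is the manual propagation step, run on the server as the target account.

```sh
#!/bin/sh
# Added example: preconfiguration for public-key authentication.

# Step 1, on the client: create the key pair. ssh-keygen asks for the
# password that encrypts the private key and writes the public key to "$1.pub".
create_keys() {         # $1 = private key path, e.g. ~/.ssh/id_ed25519
    ssh-keygen -t ed25519 -f "$1"
}

# Step 2, on the server: add the public key to the account's authorized_keys.
# Refuses a file that is not exactly one public-key line (for example a
# private key copied by mistake), keeps the directory and file private to
# the account, and does not add the same key twice.
install_pubkey() (      # $1 = public key file, $2 = home directory
    [ "$(grep -c '' "$1")" -eq 1 ] || { echo "expected one key line: $1" >&2; exit 1; }
    key=$(cat "$1")
    case $key in
        ssh-ed25519\ *|ssh-rsa\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not an OpenSSH public key: $1" >&2; exit 1 ;;
    esac
    umask 077
    mkdir -p "$2/.ssh" && chmod 700 "$2/.ssh" || exit 1
    auth="$2/.ssh/authorized_keys"
    touch "$auth" && chmod 600 "$auth" || exit 1
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
)

# Step 3, on the client: select the key pair for this connection.
# IdentitiesOnly stops ssh from offering other keys held by the agent.
connect_with_key() {    # $1 = private key path, $2 = user@host
    ssh -i "$1" -o IdentitiesOnly=yes "$2"
}
```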
Connecting to a Remote Server
To connect to a remote SSH server from a Unix/Linux client, we can open a console and write:
$ ssh example.com
If we want to connect as root on the remote server while we are logged in as a different user on the client:
$ ssh -l root example.com
SSH authenticates the remote user and provides a mechanism for transferring data from the client to the server and relaying the output back to the client.
After installing an SSH Server on your computer, you must use the SSH Client program to access your server over LAN or WAN.
When you connect to a server on a network from a remote location, your data is transferred using a strong encryption algorithm.
Secure data transfer using the SSH protocol takes place over TCP. You must configure TCP port 22 on your ADSL modem or router to access the server from a remote location.
Is SSH Connection Secure?
This connection type uses an SSL certificate for data security. For example, when you visit a website, you will see a green icon in the upper left corner. This icon indicates that the website has an SSL certificate and that your data is transmitted securely. As a result, the reliability of the data stream is ensured.
How to Install SSH Server on Windows Computer
After explaining what the SSH protocol is, let’s examine how to use SSH on the Windows 10 operating system.
In our previous articles, we reviewed the Telnet protocol. On Windows 7, 8, 8.1 and Windows 10, we enabled the Telnet Client from Windows Features. We cannot simply activate an SSH Client on Windows from Windows Features.
Therefore, you need a third-party program like Putty to connect to the server.
When you compare this protocol with Telnet, you can see that it is much more secure.
To run and connect to an SSH server on your Windows 10 computer, download the OpenSSH and Putty programs to your computer.
To use the VMware virtual machine as a server, we will install and configure OpenSSH on it. For SSH Server installation, follow the steps below.
Check the IP address of the network adapter on your host.
Configure the network settings of the Windows 10 virtual machine you have installed on VMware Workstation as VMnet4 / Bridged, and then check the IP address the machine receives from the DHCP server.
Check the network adapter setting of the Windows 10 virtual machine from the Virtual Network Editor.
In VMware Virtual Network Editor, you can create VMnet4 or a new VMnet. Check that the VMnet4 adapter card is set to Bridged.
Copy the downloaded OpenSSH program to the virtual machine and run the file as an administrator to start the installation.
Select the language of the program to be installed and click OK.
The OpenSSH program is preparing for installation.
In the OpenSSH installation window, click Next.
Accept the OpenSSH license agreement and click Next.
In the Components window, select the Server option and click Next.
In the installation location window, leave the default settings and click Next.
In the Select start menu folder, click the Next button.
In the Run as LOCAL_SYSTEM window, select this setting and click Next.
We have specified that the default port number for the SSH connection is 22. Leave the default setting and click Next.
The installer will generate a key for a secure connection. Continue by selecting the default setting here.
In the User Setup window, continue by selecting Local Users.
Wait while installing OpenSSH on Windows 10.
After the OpenSSH installation is complete, go to the next step.
After installing it, you must now create a new user for the client.
Open Computer Management to create a new user.
In the Computer Management window, click Users, then right-click on the empty space.
When the user creation window opens, click New User here.
After configuring a new user, password, and description, click the Create button.
After creating a new user for the client, click Close to close the window.
Double-click SSHUser to make it an administrator.
Click the Add button on the Membership tab to continue.
In the Select group window, click the Advanced button at the bottom.
You will then click Find to search for groups on the operating system.
Select the Administrator account and click OK.
In the SSHUser Properties window, click OK again.
After making the user a member of the Administrator group, click the OK button.
Now, we will use the Putty program to connect to the Server from the Host PC. Putty will provide us with an SSH Client service. Double-click Putty to open it.
After opening Putty, type the IP address of the Windows 10 virtual machine (OpenSSH Server) and click the Open button.
You can examine the connection to OpenSSH Server from the image below.
Type the SSHUser user name that you created on the virtual machine.
Type the password of SSHUser and press Enter.
You have successfully connected to SSH Server using Putty!
To obtain the hostname of the server, use the “hostname” command.
You can also check your Hostname through Windows 10 OpenSSH Server.
Run the “md FolderName” command to create a new folder on the server.
Go to the virtual machine and check the C: drive to see that the new folder has been created.
In this article, we reviewed how to install a free SSH Server on Microsoft Win 7, 8, 8.1, and 10 operating systems. Using OpenSSH, you can securely connect to your server from a remote location and transfer files. Thanks for following us!