Introduction to SSH and SSH Keys

Apr 28, 2015 | Blog

SSH (Secure Shell) is “a protocol for secure remote login and other secure network services over an insecure network” (see RFC 4253). Webmasters are familiar with FTP, or “File Transfer Protocol”, which lets them connect to a remote server in order to upload and download files to update their website(s).

Why do we need SSH?

Internet traffic flows through a series of networks, routers, and switches before ending up at the intended destination. For example, when I visit “google.com” from my computer’s web browser, my request goes through several different routers, including my office router (which is under my control), then into the routers managed by my Internet Service Provider, and finally into Google’s network, which in and of itself would consist of several different routers (or hops).

Read about the differences between routers, switches and firewalls in an earlier blog post.

Typically, traffic goes through the internet insecurely. Think of it like mailing a letter. When you send a postcard, anyone who helps to deliver the postcard can read what is written on it. This includes the mailman who picked up the postcard from your mailbox, post office employees, and finally the mailman who delivers the postcard to its intended recipient.

If a webmaster uses FTP (which is insecure), then anyone with access to a router “in between” the webmaster’s computer and the webmaster’s server can very easily see the information that webmaster sends to the server – including usernames and passwords!

SSH encrypts that traffic, making it more difficult to read that data in transit.

In summary, SSH makes it possible to securely log in to a remote server, and can be used to transfer files via sFTP (secure FTP) among other things. Server administrators love SSH because you can use it to securely administer, configure, update and reboot servers.

So What are SSH “Keys”?

An SSH key removes the need for a password and thus (when a server is configured correctly) prevents someone from performing a brute-force password attack to gain unauthorized access to a server. When you generate and use an SSH key for authentication, you create two keys: a public key (which can be shared with anyone and everyone), and a private key (which you must keep safe, and share with no one).

Let’s continue to use the example of uploading files to a web server.

The public key goes onto the server. The private key stays on your computer. When you go to connect to the server, you configure your sFTP client to reference the private key. That private key can only authenticate against the public key (located on the server).
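
The brute-force protection described above only holds if the server also refuses passwords once the key is installed. As an added example (not from the original post), this shell script checks the text of an OpenSSH sshd_config for that; the function names and both sample configurations are constructed for illustration, and it assumes OpenSSH's rule that the first value given for a keyword wins.

```shell
#!/bin/sh
# Added example (constructed, not from the original post).
# Assumes OpenSSH: the first value given for a keyword wins, keywords are
# case-insensitive, and the three options checked below default to "yes".
# Include files and Match blocks are not evaluated.

# effective_setting CONFIG_TEXT KEYWORD -> value in the global section, else "yes"
effective_setting() {
    printf '%s\n' "$1" | awk -v want="$2" '
        BEGIN { want = tolower(want); val = "yes" }
        /^[ \t]*#/ || NF == 0 { next }          # comments and blank lines
        { key = tolower($1) }
        key == "match" { exit }                 # global section ends here
        # deprecated alias still found in older configuration files
        key == "challengeresponseauthentication" { key = "kbdinteractiveauthentication" }
        key == want { val = $2; exit }          # first value wins
        END { print val }'
}

# audit_password_login CONFIG_TEXT -> returns 0 if only key-based login is accepted
audit_password_login() {
    status=0
    for kw in PasswordAuthentication KbdInteractiveAuthentication; do
        v=$(effective_setting "$1" "$kw")
        [ "$v" = "no" ] || { echo "WEAK: $kw is '$v', passwords can be guessed"; status=1; }
    done
    v=$(effective_setting "$1" PubkeyAuthentication)
    [ "$v" = "yes" ] || { echo "BROKEN: PubkeyAuthentication is '$v'"; status=1; }
    return "$status"
}

# Constructed sample: keys work, but passwords are still accepted.
WEAK_CONFIG='# sample sshd_config (constructed)
PubkeyAuthentication yes
#PasswordAuthentication no
UsePAM yes'

# Constructed sample: key-only login (the later duplicate line is ignored).
HARDENED_CONFIG='PubkeyAuthentication yes
passwordauthentication no
ChallengeResponseAuthentication no
PasswordAuthentication yes'

audit_password_login "$WEAK_CONFIG" || echo "=> weak sample still allows password login"
audit_password_login "$HARDENED_CONFIG" && echo "=> hardened sample is key-only"
```

To check a real file, pass its contents, for example `audit_password_login "$(cat /etc/ssh/sshd_config)"`. On a live server, `sshd -T` prints the effective settings, including any Include files that this script does not follow.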

For more information about security and encryption, here are a few more blog posts I’ve written:

  1. Securing your Website
  2. Information Security: 3 Ways to Secure Your Data
  3. Password Security & User Accounts
