So, judging from the support tickets, we have the feeling that many customers, especially

the new customers, are intrigued by the possibilities, the options SSA provides, and sometimes it

takes a long time to set up, to find the right setup to do what you want with SSH.

So here goes.

We try to start very simple.

What is SSH?

It's a cryptographic network protocol.

It's about 30 years old, standardized by the Internet Engineering Task Force working group,

and the most popular implementation that you find in the wild is OpenSSH.

OpenSSH is usually available on any standard Linux distribution.

You have it on Windows these days.

So we started to ship it with Windows and the default installation some versions ago

and also on Mac OS.

So if you have one of these systems, chances are that it's already installed in Windows

and just start using it right away.

These are text clients, so you can use them from the command line.

If you are more into a GUI-based access, I mean, SSH per se, of course, is a text-based

access, but there are some bells and whistles you can have if you choose to use a GUI-based

client.

And the one that we recommend here for you if you're running a Windows system is MovA

Xterm.

They have a free edition for download in two versions, one installable and one portable

that you can even carry around on the USB stick.

And it's very easy to use.

It has some interesting features like a built-in X server and also a file browser, which eliminates

the need for WinSCP or similar tools.

So it's basically a one-size-fits-all solution.

What does it do for you?

SSH does several things.

It authenticates the user to the system.

So it tells the system who you are.

You can authenticate yourself.

Here you are you and you have actually the proper rights to access the system.

Also the system is authenticated to you, meaning you can be sure that if you connect, you're

actually connected to the right target host and not some bogus system somebody set up

like a man in the middle attack to divert your login attempt to somewhere else.

All data is encrypted.

So everything that you send and receive over the line once SSH is established is encrypted.

In principle, when the encrypted connection is set up, SSH uses an asymmetric encryption

algorithm and I'll say something about that in a minute for authentication, both directions

and for determination of a session key.

Now what's a session key?

A session key is the key that is used for encrypting the actual data packets.

So once the connection has been established, all the data is sent and received using a

shared secret.

And this shared secret is just a key that is negotiated in the setup phase.

So when the connection is set up, the asymmetric encryption public private key encryption is

not used anymore.

So what is this about asymmetric encryption?

Now that's the thing that you get into contact with.