42.1. Introduction to SSH

SSH is a protocol for securely logging into and transferring files to and from a UNIX system over a network. All SSH traffic is encrypted so that anyone listening in on the network cannot capture passwords, which is a vast improvement over the insecure telnet and FTP protocols. In a way, SSH can be thought of as a secure replacement for those protocols, although in fact it can be used for much more.

An SSH server is a daemon process that runs on a UNIX system waiting for connections. An SSH client is a program run by a user (or from a script) that connects to a server to start a remote login session or transfer some files. Both the client and server authenticate themselves to each other, so that each can be sure of the other's identity. Client authentication is done either with a username and password or a username and private key, while server authentication always uses a key.

There are many different SSH clients and servers available, but the two most common client/server packages on UNIX systems are the freely available (open source) OpenSSH and the original, commercial SSH. In addition, there are two different versions of the protocol that are not compatible—versions 1 and 2. Fortunately, the latest releases of both packages support both versions.

The directory /etc/ssh contains all the configuration files used by both SSH server packages, and even though the filenames are the same, their formats are slightly different. The primary file is called sshd_config and consists of a series of directives, one per line. As is usual with UNIX server configuration files, each directive sets some option such as the list of denied users or the IP address on which to listen. The same directory also contains the file ssh_config, which sets options that apply to the SSH client programs (such as ssh and scp) running on your system. The Webmin module covered in this chapter can edit both files directly.
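
To make the one-directive-per-line format concrete, here is an added example (not from the book and not Webmin's own code) that reads sshd_config text in OpenSSH's syntax and reports the settings this section mentions. It assumes OpenSSH behaviour: keywords are case-insensitive, the first value given for a keyword wins, and a few keywords may be repeated. The sample configuration and the function names are constructed for illustration.

```python
import re

# Constructed sample in OpenSSH's sshd_config syntax (not a recommended setup).
SAMPLE = """\
# comment lines and blank lines are ignored
Port 22
ListenAddress 192.0.2.10
ListenAddress 192.0.2.11
Protocol 2,1
PasswordAuthentication yes
passwordauthentication no
DenyUsers guest test
"""

# Keywords OpenSSH allows to repeat; their arguments accumulate.
MULTI = {"port", "listenaddress", "hostkey", "denyusers", "allowusers"}
LINE = re.compile(r"([A-Za-z0-9]+)(?:\s*=\s*|\s+)(.+)$")

def parse_sshd_config(text):
    """Map lowercase keyword -> argument list (quoted arguments not handled)."""
    conf = {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:                      # blank, comment, or keyword with no value
            continue
        key, args = m.group(1).lower(), m.group(2).split()
        if key in MULTI:
            conf.setdefault(key, []).extend(args)
        elif key not in conf:          # first value wins; later duplicates ignored
            conf[key] = args
    return conf

def review(conf):
    """Report the settings the section mentions, as plain notes."""
    notes = []
    if "1" in ",".join(conf.get("protocol", [])).split(","):
        notes.append("protocol version 1 is enabled")
    # Assumption: OpenSSH default for PasswordAuthentication is "yes".
    if conf.get("passwordauthentication", ["yes"])[0].lower() == "yes":
        notes.append("password logins are allowed")
    if "listenaddress" not in conf:
        notes.append("no ListenAddress set: sshd listens on all addresses")
    if conf.get("denyusers"):
        notes.append("denied users: " + ", ".join(conf["denyusers"]))
    return notes

if __name__ == "__main__":
    for note in review(parse_sshd_config(SAMPLE)):
        print("NOTE:", note)
```

In the sample, the second passwordauthentication line has no effect because the first value is the one used, which is why duplicate directives are worth checking for when editing the file by hand.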
