McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

Discuss the security issues associated with SSH

Introduction

SSH was originally a program written by Tatu Ylonen, a student at the Helsinki University of Technology to replace the traditional insecure remote access programs such as rlogin, rcp, and telnet (SSH Communications Security, n.d.) It has evolved into a protocol that is used for remote access. The Internet Engineering Task Force (IETF) has standardised the SSH protocol version 2. It encrypts passwords and other data that travels over the network to make them secure. SSH provides a more secure option for remote access as compared to Telnet, RSH, Rlogin and FTP. SSH 2.0 is the current version of the protocol that is widely used. SSH uses RSA-based authentication. The RSA security algorithm uses two keys, one public key and one private key. It is not possible to derive one key from the other. Each server has a public and private key paid for his or her own use. The users who want to connect to the server are given the public key and they use the public key to encrypt the messages they send to server. The RSA algorithm is designed such that messages that are encrypted using the public key can only be decrypted by the private key (and not even the public key itself) This means that only the server, which has the private key, can decrypt the messages sent by the connecting user. SSH thus encrypts all the traffic that passes through an unsecured network. However, SSH has the capability to forward ports and this has greatly expanded its use (Cole, 2005). For example, FTP is also implemented over SSH to derive the more secure SFTP, which offers all the security benefits of SSH together with the capabilities of FTP.

It is important to remember that no system is completely secure, 100% safe against intruders, as long as it is connected to a network. A computer that is switched off and stored in a bomb-proof cement box is perhaps the most secure a computer can be - but even then there isn't a 100% guarantee that no one can access the system - someone can always chip the cement box slowly and ultimately gain access to the computer.

Even if networks are totally secured such that it is very difficult to break into the network, other methods such as social engineering can be used. In this background, SSH is just one security measure that will provide a relatively higher level of security. The power provided by SSH through its tunnelling capability combined with the strong security, encryption and even compression has made SSH become one of the most popular services for providing secure remote access. SSH has in fact become the tool of choice for system administrators all over the world. It provides all of the functionalities from existing tools, but also provides it in a more secure way. This has resulted in SSH replacing the more entrenched Telnet service (Rosasco and Larochelle, 2003), and its success in enterprise.

Related Links
To Top