Question

• Describe the salient characteristics of the IETF RFC 4251 Secure Shell (SSH) protocol including its relationship to the OSI and TCP/IP networking models, and discuss any security mechanisms that the protocol may have built into it.

Answer 1

The Secure Shell (SSH) is a protocol used for secure remote login. The major components of SSH are Data confidentiality, Authentication and integrity services. SSH was created by T.Ylonen of Helsinki University(Finland). The SSH provides both server and client authentication.

Internet Engineering Task Force’s official name for the SSH1 protocol was “secsh”. SSH has two generations: SSH1 and SSH2. The documents for SSH2 was published as RFC in 2006. A Request for Comments (RFC) is a document from the Internet Engineering Task Force(IETF). It is formed after committee drafting and repeated reviews. RFC becomes the Internet standards and then further changes are not allowed.

The salient characteristics of the IETF RFC 4251 Secure Shell (SSH) protocol are:

1)Strong authentication with SSH keys

2)SSH provides strong encryption and integrity protection.

3)Secure Remote Logins

4)Secure File Transfer

5)Secure Remote Command Execution

6)Access Control

7)Port forwarding

8)SSH is widely used for remote commands

9)SSH is used for controlling network infrastructure in corporate networks.

10)SSH can facilitate automated file transfers.

11)Interoperability

12)Optional data compression

SSH is an OSI model application layer protocol. It uses cryptography to enable remote login and other network services. SSH is also present in TCP and it encrypts the data inside a TCP packet. When two nodes are using SSH to establish a TCP/IP connection, the protocol version and the software information is exchanged initially. Then the keys are exchanged. The client will request a service on completion of the SSH Transport Layer Protocol.

The main aim of SSH is to enhance security on the Internet. The encryption and algorithms are well known. These algorithms can withstand even strongest cryptanalytic attacks. If in case one algorithm is broken, it can easily switch into another algorithm without changing the base protocol.

SSH mainly uses three manipulation techniques to provide secure connections. These include symmetrical encryption, asymmetrical encryption and hashing. In symmetrical encryption a single key is used to encrypt and decrypt messages. While in asymmetric encryption a private key and a public key is used to send data in encrypted form. Hashing is another data manipulation technique used in SSH. Cryptographic hash functions are used in this method.