SSH: The Portal Between Two Computers
Introduction
Did you ever wonder what is the most secure way to connect two computers remotely, while sharing files?
Or, is there any way we can keep two systems connected like a portal without needing to enter passwords repeatedly while keeping the systems secure?
The answer to this is YESSS!!! 🥳
We can do all that using... 🥁
SSH!!
Sounds pretty cool, right?
In this blog, we are gonna talk about SSH, and how we can share files as well as control and modify remote computers over the internet with encryption.
Before understanding it, let us know what are protocols first because SSH is a type of protocol.
Protocols
Protocols are an agreement by which machines 💻 communicate with one another. we can say it's the language in which the computers communicate with each other.
A few examples of protocols are:
and a lot more protocols are there...
Now you might be thinking then what exactly is the difference between HTTPS and SSH? as both are a way to communicate and are encrypted. 🤔
The main difference between HTTPS and SSH is, HTTPS is only used in transferring files between browser and server and showing a website, whereas SSH is a shell to exchange or communicate between two devices and not just browsers. A shell allows us to talk to OS directly.
In Short,
In an SSH connection, there are 2 computers involved:
SSH Command
Now, let's see how exactly can we use SSH. We can simply run the SSH command in our terminal: ssh {user}@{host}
.
For example, ssh root@192.168.5.2
In this, ssh
lets the OS know we are going to initialize a shell connection , the root
is the user (Fun Fact: root is often the default configuration used for admin 👨💼 access on servers) and 192.168.5.2
is the IP Address of the server we are trying to get into.
If you are using Linux or Mac, then using SSH is pretty straightforward, but in case you can't: makeuseof.com/tag/beginners-guide-setting-s..
But in the case of Windows, we need to utilize an SSH client to open SSH connections, and the most popular one for Windows is called "Putty."
You can use the following resource for Windows:
Now after setting it all up, 🥹 you must be wondering, " But why? why do we(Software Developers/Engineers) need it? What's the point of all this? 🥲"
Why SSH is important for you as a Software Developer?
SSH is an essential concept for developers because we will have to use it all the time during our careers.
Some examples:
Okay, so now you understand why we need it. But how does SSH actually work?
Let's try to understand that! Also please grab yourself a coffee ☕️or chai :) because it's gonna be a long read and needs your attention!
So, get caffeinated, and Let's begin... 🔥
How SSH Works?
To understand how SSH works we need to understand the 3 techniques used in SSH:
Before understanding these, do you see the word "Encryption" here? What exactly is that?
So, Encryption is a way to hide or jumble up a piece of information so that it's impossible for a third party to get the report without having some sort of way to decrypt it.
Symmetrical Encryption
So again with symmetric encryption, anyone who possesses a key can decrypt the message being transferred. And SSH communicates through this shared key.
This looks nice but what is one problem you notice here?👀 Can you think of any?🙃Well anyone that has the key can decrypt the message.
But it must be noted that the secret key is specific to each SSH session and is generated prior to client authentication.
So once the key has been generated between these two parties, all packets moving between these two machines must be encrypted with this key. Therefore using symmetrical encryption, we are able to communicate in a private way.
Asymmetrical Encryption
So what do you think can be the function of these?
Let's take an example,
Do we always use Asymmetrical Encryption?
Diffie Hellman Key Exchange: Makes it possible for each party to combine their own private data with public data from other systems to arrive at an identical secret session key. Woah! 🥵 seems confusing? Don't worry I am attaching a few resources which you can use to understand it better. ☺️
Isn't it kind of funny?
Also, now you might be thinking: Fine! enough about all these encryptions 🥲
But trust me, these types of encryptions are everywhere!
You are probably using it right now while reading this blog!
To read this blog, you are using Diffie Hellman Key Exchange or when we use our phone to use anything when it connects to a server, it uses Diffie Hellman Key Exchange, and as a developer, we should know how these things work, right? and not just on the surface level.🥹
So to summarize we learned everything till now, SSH uses both symmetric and asymmetric encryption, since asymmetric encryption is more time-consuming most SSH connections use symmetric encryption as we have discussed.
The idea behind this is that asymmetric encryption is used to share only the public key. Then finally, use that key symmetric encryption for further communication, so it's swift.
Once secure symmetric communication has been established. The Server uses the client's public key and generates a challenge which is transmitted to the client for authentication. If the client successfully decrypts the message, the client holds the private key required for connection, and the session finally begins.
There is again one issue in this whole connection. What if a third party tries to act as the client or server and temper or modify the data if they somehow convince the client that they are the host or vice versa they can exchange the keys with them and the information can flow thru that middle man.
To solve this issue, we will talk about something called hashing.
Hashing
So how is that useful? As we mentioned before, SSH is able to transfer messages securely but to prevent duping by third parties, we can use hashes to authenticate the information so the third party can't temper or modify the information.
So the gist of this is:
Let's take an Example,
Authentication
To understand the authentication part even better, I am attaching a few resources: docs.github.com/en/authentication/connectin..
inmotionhosting.com/support/server/ssh/how-..
Woah! That was a lot of information! 😳 But it's enjoyable to understand things deeply and how they work!
Conclusion
So let's summarize till now; we talked about the Diffie-Hellman Key Exchange(Asymmetric Encryption) to share the Symmetric Key with which we can communicate along with testing out if the information sent is being tempered or not by any third party using hashing. Then we are authenticating the user by SSH itself and who even is trying to communicate with the server has the right access to it.
That's all! Now you (hopefully🤞) understand why we need SSH and how it works! 🥳