SSH (secure shell) is a client/server remote access tool used primarily on Unix systems
(AIX, Solaris, Linux, Unix, etc...). Originally developed in 1995 as an alternative to
unencrypted rsh, telnet, and rlogin, it has become the standard method of connecting to
networked systems of the *nix persuasion.
OpenSSH is the major player, but there are other variants of the protocol,
like DropBear which is sometimes found on embedded devices.
Client/Server over encrypted channels.
A user uses an SSH client to connect to a networked system when has a
listening SSH service/daemon/socket (IPADDR + PORT = SOCKET).
When the daemon catches an SSH request, a secure pipe is created between the client and
server overwhich credentials can be securily typed or passed via keys to authenticate the
user. Assuming all goes well the now authenticated user will be served a terminal.
Create key pairs for 'crashdummy' user
# Create key pair
$ ssh-keygen -t ecdsa
# Default path
$ ls -al ~/.ssh/
id_ecdsa
id_ecdsa.pub
# SSH to remote system
$ ssh 192.168.1.56
# Show 'known_hosts'
$ ls -al ~/.ssh/
id_ecdsa
id_ecdsa.pub
known_hosts
# Push SSH public key
$ ssh-copy-id 192.168.1.56
# Check server side..
$ ls ~/.ssh/
authorized_keys
Secure an otherwise insecure login
First, build the secure tunnel through your SSH server
ssh -L 2323:insecure:23 sshserverNext, connect to the insecure host over your local secure tunnel
telnet localhost 2323