SSH Communications Security

Advanced Information

SSH is a protocol for secure remote login and other secure network services over an insecure network. It consists of three major components:

  • Transport layer protocol [SSH-TRANS] provides server authentication, confidentiality, and integrity. It may optionally also provide compression. The transport layer will typically be run over a TCP/IP connection, but might also be used on top of any other reliable data stream.
  • User authentication protocol [SSH-USERAUTH] authenticates the client-side user to the server. It runs over the transport layer protocol.
  • Connection protocol [SSH-CONN] multiplexes several logical channels into the encrypted tunnel. It runs over the user authentication protocol.

The client sends a service request once a secure transport layer connection has been established. A second service request is sent after user authentication is complete. This allows new protocols to be defined and coexist with the protocols listed above.

The connection protocol provides channels that can be used for a wide range of purposes. Standard methods are provided for setting up secure interactive shell sessions and for forwarding ("tunneling") arbitrary TCP/IP ports and X11 connections.
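The layering described above can be checked mechanically. The following is an added example, not code from the original manual or from SSH Communications Security: a Python checker that walks a decrypted packet trace and reports the first message that arrives before its layer has been reached. Message numbers and ranges are taken from RFC 4250; the function names and the sample trace are assumptions constructed for illustration.

```python
import struct

# Numbers and ranges as assigned in RFC 4250 (assumed here; not listed on this page).
SERVICE_REQUEST, SERVICE_ACCEPT, USERAUTH_SUCCESS = 5, 6, 52
LAYERS = ((1, 49, "transport"), (50, 79, "userauth"), (80, 127, "connection"))

def ssh_string(data):
    """Encode an SSH 'string': uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def read_string(buf, off):
    """Decode an SSH 'string' at off, rejecting truncated input."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("string length exceeds payload")
    return buf[off + 4 : off + 4 + n]

def layer_of(msg):
    """Map a message number to the layer that owns it."""
    return next((name for lo, hi, name in LAYERS if lo <= msg <= hi), "unknown")

def check_layering(packets):
    """Return (index, reason) for the first out-of-order packet, else None.
    packets: (sender, decrypted payload) in wire order; sender is "C" or "S"."""
    state, requested = "transport", None
    for i, (sender, p) in enumerate(packets):
        if not p:
            return i, "empty payload"
        msg, layer = p[0], layer_of(p[0])
        if msg in (SERVICE_ACCEPT, USERAUTH_SUCCESS) and sender != "S":
            return i, "server-only message sent by client"
        if msg == SERVICE_REQUEST:
            requested = read_string(p, 1)
        elif msg == SERVICE_ACCEPT:
            if requested == b"ssh-userauth" and state == "transport":
                state = "userauth"
        elif layer == "userauth" and state == "transport":
            return i, "userauth message before ssh-userauth was accepted"
        elif msg == USERAUTH_SUCCESS and state == "userauth":
            state = "connection"
        elif layer == "connection" and state != "connection":
            return i, "connection message before authentication succeeded"
    return None

# Constructed trace (bodies abbreviated): CHANNEL_OPEN (90) sent before USERAUTH_SUCCESS.
SAMPLE = [("C", b"\x05" + ssh_string(b"ssh-userauth")), ("S", b"\x06" + ssh_string(b"ssh-userauth")),
          ("C", b"\x32" + ssh_string(b"alice")), ("C", b"\x5a" + ssh_string(b"session"))]
print(check_layering(SAMPLE))
```

A server that enforces the same ordering in its own state machine never lets a connection-layer request reach channel handling for an unauthenticated peer.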

SSH2 Functionality

Public-Key Infrastructure (PKI)

Using Certificate Authentication


Copyright © 2001 SSH Communications Security Corp
All rights reserved.