What are SSH and SSH2?
The program SSH (Secure Shell) provides an encrypted channel for logging into another computer over a network, executing commands on a remote computer, and moving files from one computer to another. SSH provides strong host-to-host and user authentication as well as secure encrypted communications over the Internet.
SSH2 is a more secure, efficient, and portable version of SSH that includes SFTP, which is functionally similar to FTP, but is SSH2 encrypted. At Indiana University, UITS has upgraded its central systems to SSH2 (usually the OpenSSH version), and encourages those concerned with secure communications to connect using an SSH2 client.
Mac OS X comes with OpenSSH built in. For Windows, you will have to download a third-party SSH client.
When connecting to a server for the first time, SSH presents you
with a host key fingerprint for that server and asks you to confirm
you wish to save the new host key to the local database. Before
agreeing, you should compare this fingerprint with one you obtain by
some other means (e.g., by telephone) from the server administrators
to avoid connecting to an imposter server. To avoid this message the
next time you connect, click
Rather than validating identities via passwords, SSH2 can also use
public key encryption to authenticate remote hosts. For example, if
you were to connect to a remote host called
global.conspiracy.org (also running SSH2), SSH2 would use
this system to verify that this remote system is authentic. If you
wish, you can set up SSH2 to use public key authentication rather than
passwords for logging into your other accounts, much like the
rlogin program. For
instructions, see In SSH and SSH2 for Unix, how do I set up public key authentication?
For more, see:
- At IU, what SSH/SFTP clients are supported and where can I get them?
- SSH Installation and Use from the University Information Security Office (UISO) at IU
- employees.org SSH FAQ
- OpenSSH home page
Last modified on January 10, 2014.