SSH

was designed to replace Telnet, for remote access.

Finnish computer scientist Tatu Ylönen designed SSH in 1995

SSH encrypts passwords to protect against theft or brute-force cracking, even with full access to the entire datastream.

OpenSSH is the most commonly implemented software stack. (Since 1999 from OpenBSD devs)

The SSH app is based on a client-server architecture - an SSH client connects to an SSH server.

3 'layers' at play within SSH:

the transport layer provides server authentication, confidentiality, and integrity;

the user authentication protocol validates the user to the server;

and the connection protocol multiplexes the encrypted tunnel into multiple logical communication channels.



Scenario

You've got 2 sets of numbers that are mathematically-related.

You have have a special algorithm that's also mathematically-related to the numbers.

The algorithm takes one of those numbers, and another number representing the message that you want to encrypt...and the output is 1 more number, the same length as the message.

One of the sets of numbers represents your "public key ", and one represents your "private key".

• If you encrypt with your public key, then only your private key can decrypt it.
• If you encrypt with your private key, then only your public key can decrypt it.

If someone asks for your public key, you give it to them, but you keep the private one secret.

You have a few operations that this allows for, and the only difference is which key you're using as the input for the algorithm.

Sources

https://en.wikipedia.org/wiki/Secure_Shell

https://learn.microsoft.com/en-us/windows-server/administration/openssh/openssh_keymanagement

https://www.reddit.com/r/learnprogramming/comments/1enupy/explain_ssh_keys_and_validation_like_im_five/