Secure Shell - Why to use it?

Currently, almost all communications in computer networks are done without encryption. As a consequence, anyone who has access to any machine connected to the network can listen in on any communication. This is being done by hackers, curious administrators, employers, criminals, industrial spies, and governments. Some networks leak off enough electromagnetic radiation that data may be captured even from a distance.

When you log in, your password goes in the network in plain text. Thus, any listener can then use your account to do any evil he likes. Many incidents have been encountered worldwide where crackers have started programs on workstations without the owners knowledge just to listen to the network and collect passwords. Programs for doing this are available on the Internet, or can be built by a competent programmer in a few hours.

Furthermore, it is possible to hijack connections going though the network. This means that an intruder can enter in the middle of an existing connection, and start modifying data in both directions. This can, e.g., be used to insert new commands in sessions authenticated by one-time passwords. A consequence is that no security method based on purely authenticating the user is safe. Furthermore, routing spoofing can be used to bring almost any connection in the Internet to a location where it can be attacked.

Encryption and cryptographic authentication and integrity protection are required to secure networks and computer systems. SSH uses strong cryptographic algorithms to achieve these goals.

Ease of use is critical to the acceptance of a piece of software. SSH attempts to be *easier* to use than its insecure counterparts.

SSH has gained very wide acceptance. It is currently (late 1996) being used in approximately 50 countries at probably tens of thousands of organizations. Its users include top universities, research laboratories, banks, major corporations, and numerous smaller companies and individuals.

SSH is available for almost all Unix platforms, and commercial versions are available for Windows (3.1, 95, NT) and Macintosh. For more information, see

Back to Info Page

Last modification: 12. 2. 1997 by Jiri Klouda