Security News, Security Operations

How do Secure Shell (SSH) keys work?

Asymmetric and symmetric encryptions are the types of encryptions used in cryptography. There is only one key involved in symmetric encryption, which is used for both encryption and decryption. The key has to be shared among the parties involved who wish to encrypt and decrypt data

Data transmission between devices on a particular network needs to be properly monitored and regulated for proper and secure communication. This transmission is carried out with a set of rules which is also known as a network protocol. SSH came into existence because earlier protocols like Telnet and rsh were not as secure and did not provide protection against malicious cyber-attacks. The desire for a more secure connection led to the creation of the SSH protocol.

What is SSH?

Secure Shell (SSH) is the network protocol that provides a secure way for two devices like computers to connect remotely. SSH employs encryption to ensure that attackers cannot interpret the connection or traffic between two connected devices. SSH consists of three different layers:

Transport Layer

This layer establishes safe and secure communication between client and server during transmission and after authentication. It oversees data decryption, encryption, protection, and integrity and helps speed up data exchange (by providing data compression and caching).

Authentication Layer

This layer communicates the supported authentication methods to the client and conducts the entire user authentication process.

Connection Layer

This layer manages the communication between the devices after the authentication succeeds and handles the opening and closing of communication channels.

What is SSH used for?

SSH provides a layer of security for the data exchange between machines or devices. Some important use cases are:

  • Remote access

    SSH ensures encrypted remote connections for both users and processes.

  • File transfer

    SFTP is a secure file transfer protocol managed by SSH and provides a safe way to manipulate files over a network.

  • X11 Forwarding

    Users can run server-hosted X applications from their client machines.

  • Port Forwarding

    After mapping a client’s port to the server’s remote ports, SSH helps secure other network protocols like TCP/IP.

  • Tunneling

    This is an encapsulation technique that provides secure data transfers. It is useful for accessing various business-sensitive online materials from unsecured networks.

How does SSH work?

If the user is using Linux or Mac, then using SSH is very simple, but for Windows users, utilizing an SSH client to open SSH connections is mandatory. The most typical and popular SSH client is PuTTY.

Mac and Linux users, a user needs to head over to their terminal program and needs to enter the following SSH command (which consists of 3 distinct parts):

ssh {user}@{host}

The SSH key command instructs or guides the user’s system to open an encrypted Secure Shell Connection. {user} refers to the account that the user wants to access. For example, a user may wish to access the root user, which is synonymous with the system administrator with any or complete rights to modify anything on the system. {host} represents the computer that the user wants to access, which can be an IP address or a domain name.

After hitting enter, the user will be prompted to enter the password for the requested account. If the entered password and credentials are correct, the user will be greeted with a remote terminal window.

When a client connects to a server over SSH, that machine can be controlled and used by a local device or computer. But the server was designated a TCP port through which it monitors the network and waits for clients to initialize this connection, but before that, it needs to pass the authentication process.


SSH is useful in diverse situations, and is also secure and lightweight, making it very popular. SSH communication is encrypted and cannot be easily interpreted by any unauthorized system.

Free Downloads

Datasheet of Encryption Consulting Services

Encryption Consulting is a customer focused cybersecurity firm that provides a multitude of services in all aspects of encryption for our clients.

Encryption Services

About the Author

Subhayu Roy is a Consultant at Encryption Consulting, working with PKIs, HSMs, creating Google Cloud applications, and working as a consultant with high-profile clients.

Let's talk