EN ES
All posts
Security SSH — Part 1
EN ES

What is SSH?

An introduction to SSH: what it is, how encryption works, and why it replaced Telnet as the standard for remote server management.

(Updated June 6, 2019) 3 min read by b4rt

Series: SSH

  1. 1. What is SSH?
  2. 2. SSH: Public Key Authentication
  3. 3. Configuring the SSH Server

Years ago I watched The Matrix for the first time. There’s a scene where Trinity sits down at a terminal, types a few commands, and breaks into a power grid. I had no idea what was happening — just green letters on a black screen. What I didn’t know at the time was that she was using Nmap and SSH. Real tools. On a real protocol.

That’s what we’re going to talk about today.

What is SSH?

SSH (Secure Shell) is a remote connection protocol for managing machines over a network. It lets you transfer data and execute commands on a remote server as if you were physically sitting in front of it.

Before SSH, the standard was Telnet. Telnet worked, but it had a critical flaw: it transmitted everything in plaintext. Passwords, commands, file contents — all visible to anyone sniffing the network. SSH was built to solve exactly that.

The key difference:

ProtocolEncryptionDefault Port
TelnetNone (plaintext)23
SSHYes (symmetric + asymmetric)22

How SSH encryption works

SSH uses two types of encryption in combination:

Asymmetric encryption is used during the initial handshake to securely exchange a session key. This involves a public/private key pair — the public key can be shared freely, the private key never leaves your machine.

Symmetric encryption takes over for the actual session data. Once both sides have agreed on a shared session key (via the asymmetric handshake), all traffic is encrypted with that key. Symmetric encryption is faster and more efficient for bulk data transfer.

SSH tunneling

One powerful and often underused feature of SSH is tunneling — the ability to route other network traffic through an encrypted SSH connection.

Practical uses:

Bypassing corporate firewalls — Forward a local port through SSH to access services blocked by network policies.

Remote database access — Tools like pgAdmin or phpMyAdmin normally require the database to be accessible on the network. With SSH tunneling, you can connect to a remote PostgreSQL or MySQL instance through a local port, keeping the database completely firewalled from the internet.

# Forward local port 5433 to the remote PostgreSQL port
ssh -L 5433:localhost:5432 user@your-server.com

After running this, you can point pgAdmin to localhost:5433 and it connects securely through the tunnel.

The concept: SSH makes a remote port appear as if it’s running locally. The connection is encrypted end-to-end, and the database never needs to be exposed to the public internet.

Next up

In part 2 we’ll cover public key authentication — how to generate key pairs, copy them to your server, and why you should never rely on passwords alone.

Tags: #ssh #linux #security #encryption #servers #networking

Comments

Stay in the loop

New posts about Linux, debugging, and systems programming. No noise, no spam — just signal.