How Does SSH Work?

Before SSH

When we send out information, we seat it in envelopes, boxes or packets to ensure that it only opened by the person who is intended to receive the information. We seal up the information and send it through a postal service.

Ever since the dawn of internet, mankind has been trying to find better and faster ways of sending information from point A to point B. We came up with Telnet, which is a tool that connects to the remote machine using port 23. The problem with Telnet is not it sends information via plain text which means that anyone who wants that information can access the network and sniff out the information if required. This is the complete opposite of what we wanted, which was to find a secure way of sending information from point A to point B.


Facing security issues with telnet, we came up a better way of sending information. That method is known as SSH or Secure Shell.

How SSH sends encrypted messages

how does ssh work

So, I want to establish communication securely using encrypted messages from machine A to machine B and vice versa. I can accomplish this with SSH as follows.
SSH establishes a secure connection between two machines using port 22. After authenticating each other, they’ve enabled the safe exchange of messages.

SSH uses 3 different encryption types:

  • Symmetric encryption
  • Asymmetric encryption
  • Hashing

Symmetric & Asymmetric encryption are the popular ways of creating secure communication between two machines.

Symmetric Encryption

This method is also known as shared key encryption, here a single or a pair of keys is used for both encryption and decryption of a message. This key is used to encrypt the entire communication between machine A & machine B. Both the machines agree upon a single method and generate a shared key which obviously is never disclosed to anyone else. The fascinating part here is that the key is actually never exchanged between machine A and B but instead both the machines calculate the shared key independently using a method agreed upon earlier.

So, even if someone somehow manages to capture the data, they will not be able to decrypt because the method used during the encryption is unknown.

Asymmetric Encryption

Unlike symmetric encryption, this method uses a pair of keys for encryption and decryption. These keys are commonly known as public and private keys. As you can guess, the public key is distributed widely but the private key is not revealed to any third party. In reality, the private key is closely related to the public key in terms of similarity but cannot be calculated just by having the public key.

how does ssh work

Use the following code when implementing SSH to see what SSH does in order to securely connect your machine to the remote machine:

ssh -v remotemachinedomain

More Knowledge

Want to learn more about SSH? Join RHCSA Training
Have you learned Devops? Start with RHCE Training

If you are completely new to Linux, I would suggest that you go through the basic Linux program also known as RHCSA: Linux Training
If you are an expert with Linux, grow your career with RHCE, AWS, Devops, Openstack or Openshift.