What is a Secure Shell?

A secure shell allows two networked devices to exchange data over a secure channel. This network protocol uses public-key cryptography to protect information so that it can be safely sent over an unsecured network. A secure shell is most often used on Linux and UNIX computer systems.

In computing, a shell is a software structure that provides a way for users to access an operating system. It is most commonly used to launch another program. A shell account gives access to a shell through a user account on a remote server. The user interacts with the shell by typing commands. This is called a command-line interface.

A secure shell offers users a way to access the server securely even if the network is not secure. A form of encryption called public key cryptography is used to create the secure connection. Each computer in the communication has two keys, a public key and a private key. The message is encrypted using the public key, which is available to anyone, but can only be decoded using the private key, which is known by only the destination computer. Though the keys are mathematically related, there is no way to figure out the private key using the public key.

The Internet Engineering Task Force, the organization that creates and maintains Internet standards, created the secure shell protocol. It was intended to replace Telnet and rlognid as the protocol of choice for logging into shells on remote computers. The secure shell protocol is both more secure than Telnet and more versatile than rlognid.

The secure shell protocol can also be used for tunneling a port. A tunnel is a secure channel used to transfer unencrypted data from a port on the local computer to a port on the remote computer. While encryption is like writing a message in code, tunneling is like speaking the message over an untappable phone line. The information is protected by the channel through which it is traveling rather than by the format of the message.

Files are transferred in the context of a secure shell by using the secure shell file transfer protocol. This protocol provides file access as well as management and transfer capabilities over any reliable data stream, such as an Ethernet connection. It was created by the Internet Engineering Task Force for use with secure shell but can work with any secure channel. Other file transfer protocols that can be used with a secure shell include secure copy and files transferred over shell protocol (FISH).