SSH or Secure Shell was designed as a replacement for insecure protocols such as Telnet, FTP, and the r-commands. SSH provides secure network terminal access and file transfer, which means when someone “SSH’es to a box”, she connects to a system securely.

In addition to session encryption ( which provides confidentiality and integrity), SSH may also leverage certificate-based authentication. This way, you can authenticate with a password, a certificate, or both. Symmetric session keys used to establish confidentiality and integrity are unique for each session.

SSH may also be used as a VPN to tunnel other protocols such as http. SSH operates on TCP port 22. The most popular version of SSH is OpenSSH. SSHv1 is vulnerable to a man-in-the-middle attack, therefore SSHv2 is recommended.