RSA Laboratories

5.1.5 What is SSH?

SSH, or Secure Shell, is a protocol which permits secure remote access over a network from one computer to another. SSH negotiates and establishes an encrypted connection between an SSH client and an SSH server, authenticating the client and server in any of a variety of ways (some of the possibilities for authentication are RSA, SecurID, and passwords). That connection can then be used for a variety of purposes, such as creating a secure remote login on the server (effectively replacing commands such as telnet, rlogin, and rsh) or setting up a VPN (Virtual Private Network).

When used for creating secure logins, SSH can be configured to forward X11 connections automatically over the encrypted ``tunnel'' so as to give the remote user secure access to the SSH server within a full-featured windowing environment. SSH connections and their X11 forwarding can be cascaded to give an authenticated user convenient secure windowed access to a complete network of hosts. Other TCP/IP connections can also be tunneled through SSH to the server so that the remote user can have secure access to mail, the web, file sharing, FTP, and other services.

The SSH protocol is currently being standardized in the IETF's SECSH working group:

More information about SSH, including how to obtain commercial implementations, is available from

Top of the page