Secure Shell (SSH)

A secure, encrypted, authenticated network protocol for executing commands, transferring data, and tunneling other protocols over an untrusted network. It operates primarily over TCP port 22.

SSH is not a single protocol; it is a protocol suite composed of three layered protocols defined in the official standards:

  • The Transport Layer Protocol (SSH-TRANS): Provides server authentication, confidentiality (encryption), and integrity protection for the connection. It handles the initial key exchange and algorithm negotiation.

  • The User Authentication Protocol (SSH-USERAUTH): Authenticates the client-side user to the server. It runs on top of the transport layer.

  • The Connection Protocol (SSH-CONNECT): Multiplexes the encrypted tunnel into multiple logical channels, allowing multiple sessions to share a single SSH connection.


SSH implementations

SSH implementations are actual software programs that implement the SSH protocol. Since SSH itself is only a specification (defined in RFCs), it cannot run by itself. Developers create implementations by writing code that follows those rules exactly, allowing systems to communicate securely using SSH.

1. OpenSSH

The most important implementation is OpenSSH. It is open-source, maintained by the OpenBSD project, and is considered the standard worldwide due to its security, audit history, and wide adoption. It provides both client tools like ssh and server components like sshd.


2. PuTTY

It was originally designed as a Windows SSH client with a graphical interface. It is mainly used on Windows systems, especially older setups, and traditionally focuses on the client side rather than acting as a full server.


3. Dropbear

A smaller and more specialized implementation. It is designed to be lightweight and efficient, making it suitable for embedded systems such as routers and IoT devices where system resources are limited.


What each OS uses

Most modern operating systems rely on OpenSSH as their default SSH implementation.

Linux distributions such as Arch, Ubuntu, and Debian use it by default, and macOS also ships with OpenSSH as part of the system. BSD systems, especially OpenBSD, are closely tied to OpenSSH since it originated there.

On Windows, modern versions like Windows 10 and 11 include OpenSSH as an optional built-in feature. In older environments or alternative setups, PuTTY has been commonly used instead.

In embedded environments such as routers and minimal Linux systems, Dropbear is often used because of its small size and efficiency.
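
Each implementation names itself in the identification string that opens the transport layer (RFC 4253, section 4.2), which gives a simple way to inventory what is actually deployed on a network. The parser below is an added example, not part of the original notes; the sample banners are constructed, and the softwareversion prefixes used to recognise OpenSSH, Dropbear and PuTTY are assumptions based on the strings these projects commonly send.

```python
import re

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments CR LF",
# at most 255 characters including CR LF. A server may send other lines first.
IDENT_RE = re.compile(
    r"^SSH-(?P<proto>[^-\s]+)-(?P<software>[^\s]+)(?: (?P<comments>.*))?$"
)

# Assumed softwareversion prefixes for the implementations named in these notes.
FAMILIES = (("OpenSSH_", "OpenSSH"), ("dropbear", "Dropbear"), ("PuTTY", "PuTTY"))


def parse_ident(raw: bytes) -> dict:
    """Turn the first bytes received from an SSH peer into an inventory record."""
    for line in raw.split(b"\n"):
        if not line.startswith(b"SSH-"):
            continue  # text lines before the version string are permitted
        if len(line) + 1 > 255:  # line still carries CR; +1 for the LF
            raise ValueError("identification string exceeds 255 bytes")
        text = line.rstrip(b"\r").decode("ascii", errors="replace")
        m = IDENT_RE.match(text)
        if m is None:
            raise ValueError(f"malformed identification string: {text!r}")
        software = m["software"]
        family = next((name for prefix, name in FAMILIES
                       if software.lower().startswith(prefix.lower())), "unknown")
        return {
            "proto": m["proto"],
            # "1.99" (or any 1.x) means the peer still speaks legacy SSH-1.
            "allows_ssh1": m["proto"].startswith("1."),
            "software": software,
            "family": family,
            "comments": m["comments"] or "",
        }
    raise ValueError("no SSH identification string found")


# Constructed sample banners (not captured from real hosts).
SAMPLES = [
    b"SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13\r\n",
    b"SSH-2.0-dropbear_2022.83\r\n",
    b"Authorized use only\r\nSSH-1.99-OpenSSH_3.9p1\r\n",
]

if __name__ == "__main__":
    for banner in SAMPLES:
        print(parse_ident(banner))
```

A record with allows_ssh1 set, or with family "unknown", is worth a closer look during an audit, since the first indicates legacy protocol support and the second an implementation outside the three covered here.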