Array ( [0] => {{short description|Set of computer programs providing encrypted communication sessions}} [1] => {{Distinguish|OpenSSL}} [2] => {{Use dmy dates|date=August 2016}} [3] => {{Infobox software [4] => | name = OpenSSH or OpenBSD Secure Shell [5] => | logo = OpenSSH logo.png [6] => | logo size = 190px [7] => | logo alt = [8] => | logo caption = "Keeping your communiqués secret" [9] => | screenshot = [10] => | screenshot alt = [11] => | caption = [12] => | collapsible = [13] => | author = [14] => | developer = The [[OpenBSD]] Project [15] => | released = {{Start date and age|1999|12|01|df=yes}} [16] => | latest release version = {{wikidata|property|preferred|references|edit|Q847062|P348|P548=Q2804309}} [17] => | latest release date = {{wikidata|qualifier|preferred|single|Q847062|P348|P548=Q2804309|P577}} [18] => | latest preview version = {{wikidata|property|preferred|references|edit|Q847062|P348|P548=Q51930650}} [19] => | latest preview date = {{wikidata|qualifier|preferred|single|Q847062|P348|P548=Q51930650|P577}} [20] => | repo = {{URL|https://github.com/openssh/openssh-portable}} [21] => | programming_language = [[C (programming language)|C]] [22] => | operating system = [[Cross-platform]]{{Cite web| title=OpenSSH Portable Release |url=https://www.openssh.com/portable.html |publisher=OpenBSD |access-date=15 October 2015}} [23] => | platform = [24] => | size = [25] => | language = [26] => | language footnote = [27] => | genre = [[Terminal emulation|Remote access]] [28] => | license = [[BSD licenses#2-clause|BSD]], [[ISC license|ISC]], [[Public-domain software|public domain]] [29] => | alexa = [30] => | website = {{URL|https://www.openssh.com/|openssh.com}} [31] => | standard = RFC 4250, RFC 4251, RFC 4252, RFC 4253, RFC 4254, RFC 4255, RFC 4256, RFC 4335, RFC 4344, RFC 4345, RFC 4419, RFC 4462, RFC 5656, RFC 6594, RFC 6668, RFC 7479{{Cite web |url=https://www.openssh.com/specs.html |title=Specifications implemented by OpenSSH |website= The OpenBSD Project |access-date=14 October 2015}} [32] => }} [33] => [34] => '''OpenSSH''' (also known as '''OpenBSD Secure Shell'''{{Efn|"OpenBSD Secure Shell" name is mainly used in various {{Mono|sshd}} [[startup script]]s.}}) is a suite of [[Computer security|secure]] [[computer network|networking]] utilities based on the [[Secure Shell]] (SSH) protocol, which provides a [[secure channel]] over an unsecured network in a [[client–server model|client–server]] architecture.{{cite journal|last1=Venkatachalam|first1=Girish|title=The OpenSSH Protocol under the Hood|journal=Linux Journal|date=April 2007|issue=156|pages=74–77|via=the Discovery Database at LSU}} [35] => Network Working Group of the IETF, [36] => January 2006, [37] => RFC 4252, [38] => The Secure Shell (SSH) Authentication Protocol. [39] => [40] => [41] => OpenSSH started as a [[Fork (software development)|fork]] of the [[free software|free]] SSH program developed by Tatu Ylönen; later versions of Ylönen's SSH were [[proprietary software]] offered by [[SSH Communications Security]].{{r|itworld}} OpenSSH was first released in 1999 and is currently developed as part of the [[OpenBSD]] [[operating system]]. [42] => [43] => OpenSSH is not a single computer program, but rather a suite of programs that serve as alternatives to unencrypted protocols like [[Telnet]] and [[FTP]]. OpenSSH is integrated into several operating systems, namely [[Microsoft Windows]], [[macOS]] and most [[Linux]] operating systems,{{cite web [44] => |title = dragonfly.git/blob - crypto/openssh/README [45] => |url = https://gitweb.dragonflybsd.org/dragonfly.git/blob/HEAD:/crypto/openssh/README [46] => |website = gitweb.dragonflybsd.org [47] => |access-date = 19 May 2016 [48] => |quote = This is the port of OpenBSD's excellent OpenSSH to Linux and other Unices. [49] => }}{{cite web [50] => |title = src/crypto/external/bsd/openssh/dist/README - view - 1.4 [51] => |url = http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/external/bsd/openssh/dist/README?rev=1.4&content-type=text/x-cvsweb-markup&only_with_tag=MAIN [52] => |website = NetBSD CVS Repositories [53] => |access-date = 19 May 2016 [54] => }} while the [[Porting|portable]] version is available as a package in other systems.{{cite web [55] => |url = https://software.opensuse.org/package/openssh [56] => |title = openssh [57] => |work = [[OpenSUSE]] [58] => |access-date = 17 May 2016 [59] => }}{{cite web [60] => |url = https://packages.debian.org/jessie/openssh-client [61] => |title = Debian -- Details of package openssh-client in jessie [62] => |work = [[Debian]] [63] => |access-date = 17 May 2016 [64] => }}{{cite web [65] => |url = https://www.archlinux.org/packages/core/x86_64/openssh/ [66] => |title = Arch Linux - openssh 7.2p2-1 (x86_64) [67] => |work = [[Arch Linux]] [68] => |access-date = 17 May 2016 [69] => }} [70] => [71] => == History == [72] => OpenBSD Secure Shell was created by [[OpenBSD]] developers as an alternative to the original SSH software by Tatu Ylönen, which is now [[proprietary software]].{{cite web | url = https://www.openssh.com/history.html | title = Project History and Credits | publisher = OpenBSD | access-date = 8 April 2008}} Although [[source code]] is available for the original SSH, various restrictions are imposed on its use and distribution. OpenSSH was created as a [[Fork (software development)|fork]] of Björn Grönvall's [[OSSH]] that itself was a fork of Tatu Ylönen's original free SSH 1.2.12 release,[http://www.mirrorservice.org/sites/ftp.wiretapped.net/pub/security/cryptography/apps/ssh/OSSH/ OSSH sources] which was the last one having a license suitable for forking.[https://marc.info/?l=secure-shell&m=88561413417101 ssh-1.2.13 now available: copying policy changed (permission now required to sell ssh commercially, use is still permitted for any purpose)]{{cite web |url=https://www.openssh.com/history.html |title=OpenSSH: Project History and Credits |date=22 December 2004|access-date=27 February 2014 |publisher=openssh.com}} The OpenSSH developers claim that their application is more secure than the original, due to their policy of producing clean and [[audit]]ed code and because it is released under the [[BSD license]], the [[open-source license]] to which the word ''open'' in the name refers. [73] => [74] => OpenSSH first appeared in OpenBSD 2.6. The first portable release was made in October 1999.{{cite web |url=http://freshmeat.net/projects/openssh/?branch_id=8267&release_id=26745 |title=Portable OpenSSH – Freecode |publisher=Freshmeat.net |access-date=11 February 2014}} Developments since then have included the addition of ciphers (e.g., [[ChaCha20-Poly1305]] in 6.5 of January 2014{{cite web |url=http://it.slashdot.org/story/13/12/11/173213/openssh-has-a-new-cipher-chacha20-poly1305-from-dj-bernstein |title= OpenSSH Has a New Cipher — Chacha20-poly1305 — from D.J. Bernstein |first=Constantine A. |last=Murenin |editor=Unknown Lamer |date=11 December 2013 |access-date=26 December 2014 |publisher=[[Slashdot]]}}), cutting the dependency on [[OpenSSL]] (6.7, October 2014{{cite web |url=http://it.slashdot.org/story/14/04/30/1822209/openssh-no-longer-has-to-depend-on-openssl |title= OpenSSH No Longer Has To Depend On OpenSSL |first=Constantine A. |last=Murenin |editor=Soulskill |date=30 April 2014 |access-date=26 December 2014 |publisher=[[Slashdot]]}}) and an extension to facilitate [[Public-key cryptography|public-key]] discovery and rotation for trusted hosts (for transition from [[Digital Signature Algorithm|DSA]] to [[Ed25519]] public host keys, version 6.8 of March 2015{{cite web |url=http://it.slashdot.org/story/15/02/01/0533208/openssh-will-feature-key-discovery-and-rotation-for-easier-switching-to-ed25519 |title= OpenSSH Will Feature Key Discovery and Rotation For Easier Switching To Ed25519 |first=Constantine A. |last=Murenin |editor=Soulskill |date=1 February 2015 |access-date=1 February 2015 |publisher=[[Slashdot]]}}). [75] => [76] => On 19 October 2015, [[Microsoft]] announced that OpenSSH will be natively supported on [[Microsoft Windows]] and accessible through [[PowerShell]], releasing an early implementation and making the code publicly available.{{cite web |url=https://devblogs.microsoft.com/powershell/openssh-for-windows-update/ |title= OpenSSH for Windows Update |date=19 October 2015 |access-date=23 October 2015}} OpenSSH-based client and server programs have been included in [[Windows 10]] since version 1803. The SSH client and key agent are enabled and available by default, and the SSH server is an optional Feature-on-Demand.{{cite web |url=https://devblogs.microsoft.com/commandline/windows10v1803/ |title=What's new for the Command Line in Windows 10 version 1803 |website=Windows Command Line Tools For Developers |first=Yosef |last=Durr |date=7 March 2018}} [77] => [78] => In October 2019 protection for private keys at rest in RAM against speculation and memory [[side-channel attacks]] were added in OpenSSH 8.1.{{cite web |url=https://www.wikieduonline.com/wiki/OpenSSH_changelog |title=Protection for private keys at rest in RAM}} [79] => [80] => == Development == [81] => [[File:OpenSSH CLI.png|thumb|OpenSSH remotely controlling a server through Unix shell]] [82] => [83] => OpenSSH is developed as part of the OpenBSD [[operating system]]. Rather than including changes for other operating systems directly into OpenSSH, a separate [[porting|portability]] infrastructure is maintained by the OpenSSH Portability Team, and "portable releases" are made periodically. This infrastructure is substantial, partly because OpenSSH is required to perform [[authentication]], a capability that has many varying implementations. This model is also used for other OpenBSD projects such as [[OpenNTPD]]. [84] => [85] => The OpenSSH suite includes the following [[Command-line utility|command-line utilities]] and [[Daemon (computer software)|daemons]]: [86] => * {{Mono|[[Secure Copy|scp]]}}, a replacement for {{Mono|[[rcp (Unix)|rcp]]}}. [87] => * {{Mono|[[Secure file transfer program|sftp]]}}, a replacement for {{Mono|[[File Transfer Protocol|ftp]]}} to copy files between computers. [88] => * {{Mono|ssh}}, a replacement for {{Mono|[[rlogin]]}}, {{Mono|[[Remote Shell|rsh]]}} and {{Mono|[[telnet]]}} to allow [[Shell (computing)|shell]] access to a remote machine. [89] => * {{Mono|[[ssh-add]]}} and {{Mono|[[ssh-agent]]}}, utilities to ease authentication by holding keys ready and avoid the need to enter passphrases every time they are used. [90] => * {{Mono|[[ssh-keygen]]}}, a tool to inspect and generate the [[RSA (algorithm)|RSA]], [[Digital Signature Algorithm|DSA]] and [[Elliptic-curve cryptography|elliptic-curve]] keys that are used for user and host [[authentication]]. [91] => * {{Mono|[[ssh-keyscan]]}}, which scans a list of hosts and collects their public keys. [92] => * {{Mono|sshd}}, the SSH server daemon. [93] => [94] => The OpenSSH server can authenticate users using the standard methods supported by the [[Secure Shell|SSH]] protocol: with a password; [[public-key]] authentication, using per-user keys; host-based authentication, which is a secure version of {{Mono|rlogin}}'s host trust relationships using public keys; keyboard-interactive, a generic [[challenge–response]] mechanism, which is often used for simple password authentication, but which can also make use of stronger authenticators such as [[Security token|tokens]]; and [[Kerberos (protocol)|Kerberos]]/[[Generic Security Services Application Program Interface|GSSAPI]]. The server makes use of authentication methods native to the host operating system; this can include using the [[BSD Authentication]] system or [[pluggable authentication modules]] (PAM) to enable additional authentication through methods such as [[one-time password]]s. However, this occasionally has side effects: when using PAM with OpenSSH, it must be run as [[superuser|root]], as root privileges are typically required to operate PAM. OpenSSH versions after 3.7 (16 September 2003) allow PAM to be disabled at run-time, so regular users can run sshd instances. [95] => [96] => On OpenBSD, OpenSSH uses a dedicated {{Mono|sshd}} user by default to drop privileges and perform privilege separation in accordance with the [[principle of least privilege]], applied throughout the operating system including the [[Xenocara]] [[X Window System|X server]]. [97] => [98] => == Features == [99] => OpenSSH includes the ability to set up a secured channel through which data sent to local, client-side [[Unix domain sockets]] or local, client-side [[Transmission Control Protocol|TCP]] ports may be "[[port forwarding|forwarded]]" (sent across the secured channel) for routing on the server side; when this forwarding is set up, the server is instructed to send that forwarded data to some socket or TCP host/port (the host could be the server itself, "localhost"; or, the host may be some other computer, so that it appears to the other computer that the server is the originator of the data). The forwarding of data is bidirectional, meaning that any return communication is itself forwarded back to the client-side in the same manner; this is known as an "[[SSH tunnel|SSH tunnel]]",{{cite web [100] => | url = https://man.openbsd.org/ssh.1 | title = OpenBSD manual pages: SSH [101] => | date = 3 July 2014 | access-date = 14 July 2014 [102] => | website = openbsd.org [103] => }} and it can be used to multiplex additional TCP connections over a single SSH connection since 2004,{{cite web|url=https://www.openssh.com/releasenotes.html|title=OpenSSH Release Notes}} to conceal connections, to encrypt protocols that are otherwise unsecured, and to circumvent firewalls by sending/receiving all manner of data through one port that is allowed by the firewall. For example, an [[X Window System]] tunnel may be created automatically when using OpenSSH to connect to a remote host, and other protocols, such as [[Hypertext Transfer Protocol|HTTP]] and [[Virtual Network Computing|VNC]], may be forwarded easily.{{cite web|title=Features|url=https://www.openssh.com/features.html|website=OpenSSH|access-date=26 June 2016}} [104] => [105] => Tunneling a TCP-''encapsulating'' payload (such as [[Point-to-Point Protocol|PPP]]) over a TCP-based connection (such as SSH's [[port forwarding]]) is known as "TCP-over-TCP", and doing so can induce a dramatic loss in transmission performance (a problem known as "TCP meltdown"),{{cite web [106] => | url=http://sites.inka.de/bigred/devel/tcp-tcp.html [107] => | title=Why TCP Over TCP Is A Bad Idea [108] => | first=Olaf [109] => | last=Titz [110] => | date=2001-04-23 [111] => | access-date=2015-10-17}}{{cite conference [112] => | bibcode=2005SPIE.6011..138H [113] => | title=Understanding TCP over TCP: effects of TCP tunneling on end-to-end throughput and latency [114] => |author1=Honda, Osamu |author2=Ohsaki, Hiroyuki |author3=Imase, Makoto |author4=Ishizuka, Mika |author5=Murayama, Junichi | s2cid=8945952 [115] => |book-title=Performance, Quality of Service, and Control of Next-Generation Communication and Sensor Networks III [116] => | volume=6011 [117] => | date=October 2005 [118] => | doi=10.1117/12.630496 [119] => | citeseerx=10.1.1.78.5815 [120] => | editor1-last=Atiquzzaman [121] => | editor1-first=Mohammed [122] => | editor2-last=Balandin [123] => | editor2-first=Sergey I [124] => }} which is why [[virtual private network]] software may instead use for the tunnel connection a protocol simpler than TCP. However, this is often not a problem when using OpenSSH's port forwarding, because many use cases do not entail TCP-over-TCP tunneling; the meltdown is avoided because the OpenSSH client processes the local, client-side TCP connection in order to get to the actual payload that is being sent, and then sends that payload directly through the tunnel's own TCP connection to the server side, where the OpenSSH server similarly "unwraps" the payload in order to "wrap" it up again for routing to its final destination.{{cite mailing list [125] => | title=Re: Extensions for long fat networks? [126] => | date=2003-06-13 [127] => | first=Dan [128] => | last=Kaminsky [129] => | author-link=Dan Kaminsky [130] => | mailing-list=openssh-unix-dev@mindrot.org [131] => | url=https://marc.info/?l=openssh-unix-dev&m=105554033415532 [132] => | quote=the TCP forwarding code is pretty speedy as well. Just to pre-answer a question, ssh decapsulates and re-encapsulates TCP, so you don't have classic TCP-over-TCP issues.}} [133] => [134] => In addition, some third-party software includes support for tunnelling over SSH. These include [[DistCC]], [[Concurrent Versions System|CVS]], [[rsync]], and [[Fetchmail]]. On some operating systems, remote [[file system]]s can be mounted over SSH using tools such as [[sshfs]] (using [[Filesystem in Userspace|FUSE]]). [135] => [136] => An ''ad hoc'' [[SOCKS]] proxy server may be created using OpenSSH. This allows more flexible proxying than is possible with ordinary port forwarding. [137] => [138] => Beginning with version 4.3, OpenSSH implements an [[Open Systems Interconnection|OSI]] layer 2/3 [[TUN/TAP|tun]]-based [[Virtual private network|VPN]]. This is the most flexible of OpenSSH's tunnelling capabilities, allowing applications to transparently access remote network resources without modifications to make use of SOCKS.{{cite web [139] => | url = https://www.openssh.com/txt/release-4.3 [140] => | title = OpenSSH 4.3 Release Notes [141] => | date = 1 February 2006 | access-date = 14 July 2014 [142] => | website = openssh.com [143] => }} [144] => [145] => === Supported public key types === [146] => OpenSSH supports the following public key types:{{Cite web|url=https://www.man7.org/linux/man-pages/man8/sshd.8.html#AUTHORIZED_KEYS_FILE_FORMAT|title=SSHD(8) - Linux manual page}}{{Cite web|url=https://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/sshd_config.5#PubkeyAcceptedAlgorithms|title=Sshd_config(5) - OpenBSD manual pages}} [147] => * ssh-[[Digital Signature Standard|dss]] (disabled at run-time since OpenSSH 7.0, released in 2015){{cite web |title=OpenSSH 7.0 release notes |url=https://www.openssh.com/txt/release-7.0 |website=OpenSSH |access-date=2022-11-13 |date=2015-08-11}} [148] => * ssh-[[RSA (cryptosystem)|rsa]] (disabled at run-time since OpenSSH 8.8, released in 2021){{cite web |title=OpenSSH 8.8 release notes |url=https://www.openssh.com/txt/release-8.8 |website=OpenSSH |access-date=2022-11-13 |date=2021-09-26}} [149] => * [[ECDSA|ecdsa]]-[[SHA-2|sha2]]-nistp256 (since OpenSSH 5.7, released in 2011){{cite web |title=OpenSSH 5.7 release notes |url=https://www.openssh.com/txt/release-5.7 |website=OpenSSH |access-date=2022-11-13 |date=2011-01-24}} [150] => * [[ECDSA|ecdsa]]-[[SHA-2|sha2]]-nistp384 (since OpenSSH 5.7) [151] => * [[ECDSA|ecdsa]]-[[SHA-2|sha2]]-nistp521 (since OpenSSH 5.7) [152] => * ssh-[[ed25519]] (since OpenSSH 6.5, released in 2014){{cite web |title=OpenSSH 6.5 release notes |url=https://www.openssh.com/txt/release-6.5 |website=OpenSSH |access-date=2022-11-13 |date=2014-01-29}} [153] => * [[RSA (cryptosystem)|rsa]]-[[SHA-2|sha2]]-256 (since OpenSSH 7.2, released in 2016){{cite web |title=OpenSSH 7.2 release notes |url=https://www.openssh.com/txt/release-7.2 |website=OpenSSH |access-date=2022-11-13 |date=2016-02-29}} [154] => * [[RSA (cryptosystem)|rsa]]-[[SHA-2|sha2]]-512 (since OpenSSH 7.2) [155] => * [[ECDSA|ecdsa]]-sk (since OpenSSH 8.2, released in 2020){{cite web |title=OpenSSH 8.2 release notes |url=https://www.openssh.com/txt/release-8.2 |website=OpenSSH |access-date=2022-11-13 |date=2020-02-14}} [156] => * [[ed25519]]-sk (since OpenSSH 8.2) [157] => * [[NTRU Prime]]-[[x25519]] (since OpenSSH 9.0, released in 2022){{cite web |url=https://www.openssh.com/txt/release-9.0 |title=Changes since OpenSSH 8.9 (OpenSSH 9.0 release notes) |publisher=OpenSSH developers |date=2022-04-08}} [158] => [159] => == Vulnerabilities == [160] => {{Cleanup rewrite|2=section|date=May 2017}} [161] => [162] => Before version 5.2 of OpenSSH, it was possible for an attacker to recover up to 14 bits of plaintext with a success probability of 2−14.[https://www.openssh.com/txt/cbc.adv OpenSSH Security Advisory CBC Attack] The vulnerability was related to the CBC encryption mode. The AES CTR mode and arcfour ciphers are not vulnerable to this attack. [163] => [164] => A local privilege escalation vulnerability existed in OpenSSH 6.8 to 6.9 ({{CVE|2015-6565}}) due to world-writable (622) [[Teletype|TTY]] devices, which was believed to be a [[denial of service]] vulnerability.{{CVE|2015-6565}} With the use of the TIOCSTI [[ioctl]], it was possible for authenticated users to inject characters into other users terminals and execute arbitrary commands on Linux.[http://openwall.com/lists/oss-security/2017/01/26/2 OpenSSH PTY vulnerability] [165] => [166] => Malicious or compromised OpenSSH servers could read sensitive information on the client such as private login keys for other systems, using a vulnerability that relies on the undocumented connection-resuming feature of the OpenSSH client, which is called roaming, enabled by default on the client, but not supported on the OpenSSH server. This applies to versions 5.4 (released on 8 March 2010[https://lwn.net/Articles/377703/ OpenSSH 5.4 released]) to 7.1 of the OpenSSH client, and was fixed in OpenSSH 7.1p2, released on 14 January 2016. [[CVE number]]s associated to this vulnerability are {{CVE|2016-0777}} (information leak) and {{CVE|2016-0778}} (buffer overflow).{{cite web|url=https://www.theregister.co.uk/2016/01/14/openssh_is_wide_open_to_key_theft_thanks_to_roaming_flaw/|title=Evil OpenSSH servers can steal your private login keys to other systems – patch now|last=Thomson|first=Iain|work=The Register|date=14 January 2016}}[https://www.openssh.com/txt/release-7.1p2 OpenSSH 7.1p2 has just been released.] [167] => [168] => On March, 29 2024 a serious [[supply chain attack]] on [[XZ Utils backdoor|XZ Utils]] has been reported, targeting indirectly the OpenSSH server (sshd) running on Linux. The OpenSSH code is not directly concerned, the backdoor is caused by the dependencies on liblzma via [[Systemd|libsystemd]] applied by a tierce patch, applied by various Linux distributions. [169] => [170] => == Trademark == [171] => In February 2001, Tatu Ylönen, Chairman and CTO of SSH Communications Security informed the OpenSSH development mailing list that the company intended to assert its ownership of the "SSH" and "Secure Shell" [[trademark]]s,{{cite mailing list |url=http://marc.info/?l=openssh-unix-dev&m=98265248404463&w=2 |publisher=[[MARC (archive)|MARC]] |last=Ylonen |first=Tatu |title=SSH trademarks and the OpenSSH product name |mailing-list=openssh-unix-dev |date=14 February 2001 |access-date=11 February 2014}} and sought to change references to the protocol to "SecSH" or "secsh", in order to maintain control of the "SSH" name. He proposed that OpenSSH change its name in order to avoid a lawsuit, a suggestion that developers resisted. OpenSSH developer Damien Miller replied urging Ylönen to reconsider, arguing that "SSH" had long since been a [[generic trademark]].{{cite mailing list |url=http://marc.info/?l=openssh-unix-dev&m=98265248404477&w=2 |publisher=[[MARC (archive)|MARC]] |last=Miller |first=Damien |title=Re: SSH trademarks and the OpenSSH product name |mailing-list=openssh-unix-dev |date=14 February 2001 |access-date=11 February 2014}} [172] => [173] => At the time, "SSH", "Secure Shell" and "ssh" had appeared in documents proposing the protocol as an open standard. Without marking these within the proposal as registered trademarks, Ylönen ran the risk of relinquishing all exclusive rights to the name as a means of describing the protocol. Improper use of a trademark, or allowing others to use a trademark incorrectly, results in the trademark becoming a generic term, like [[Kleenex]] or [[Aspirin]], which opens the mark to use by others.{{cite web |url=http://www.cnet.com/news/ssh-dont-use-that-trademark/ |title=Ssh! Don't use that trademark |last=Lemos |first=Robert |date=2 January 2002 |website=CNET |access-date=19 May 2016}} After study of the [[USPTO]] trademark database, many online pundits opined that the term "ssh" was not trademarked, merely the logo using the lower case letters "ssh". In addition, the six years between the company's creation and the time when it began to defend its trademark, and that only OpenSSH was receiving threats of legal repercussions, weighed against the trademark's validity.{{Cite web |url=http://www.newsforge.com/article.pl?sid=01/02/16/1520247 |title=Ylönen: We own ssh trademark, but here's a proposal |last=Ylonen |first=Tatu |date=1 March 2002 |website=[[NewsForge]]|archive-url=https://web.archive.org/web/20020301095306/http://www.newsforge.com/article.pl?sid=01%2F02%2F16%2F1520247 |archive-date=1 March 2002 |access-date=20 May 2016 |url-status=dead |df=dmy-all}} [174] => [175] => Both developers of OpenSSH and Ylönen himself were members of the IETF working group developing the new standard; after several meetings this group denied Ylönen's request to rename the protocol, citing concerns that it would set a bad precedent for other trademark claims against the IETF. The participants argued that both "Secure Shell" and "SSH" were generic terms and could not be trademarks.{{cite web |last=Duffy Marsan |first=Carolyn |url=https://www.computerworld.com/article/2798631/secure-shell-inventor-denied-trademark-request.html |title=Secure Shell inventor denied trademark request |publisher=ITworld.com |date=22 March 2001 |access-date=14 December 2021}} [176] => [177] => == See also == [178] => {{Portal|Free and open-source software}} [179] => [180] => * [[Comparison of SSH clients]] [181] => * [[Comparison of SSH servers]] [182] => * [[SSH File Transfer Protocol]] (SFTP) [183] => [184] => == Notes == [185] => {{Notelist}} [186] => [187] => == References == [188] => {{Reflist|30em}} [189] => [190] => == External links == [191] => {{Wikibooks}} [192] => {{Commons category}} [193] => [194] => * {{Official website|https://www.openssh.com/}} [195] => * {{man|1|ssh|OpenBSD}} [196] => * {{man|8|sshd|OpenBSD}} [197] => * [http://BXR.SU/OpenBSD/usr.bin/ssh/ OpenSSH] at the Super User's BSD Cross Reference (BXR.SU) [[OpenGrok]] [198] => * [https://ss64.com/nt/ssh.html SSH OpenSSH - Windows CMD - SS64.com] [199] => [200] => {{OpenBSD}} [201] => {{Cryptographic software}} [202] => {{FLOSS}} [203] => {{Windows commands}} [204] => [205] => [[Category:Cross-platform free software]] [206] => [[Category:Cryptographic software]] [207] => [[Category:Free network-related software]] [208] => [[Category:Free security software]] [209] => [[Category:OpenBSD|SSH]] [210] => [[Category:Secure Shell]] [211] => [[Category:Free software programmed in C]] [] => )
good wiki

OpenSSH

OpenSSH is a freely available open-source suite of secure networking tools used to encrypt network connections. It was developed as a replacement for the earlier, less secure protocols such as Telnet and FTP.

More about us

About

It was developed as a replacement for the earlier, less secure protocols such as Telnet and FTP. OpenSSH provides secure remote login, file transfer, and tunneling capabilities, ensuring confidentiality and integrity of data exchanged over a network. OpenSSH supports various authentication methods, including password-based authentication, public-key cryptography, and host-based authentication. It uses the Secure Shell (SSH) protocol, which provides a secure channel for communicating between two networked devices. This secure channel encrypts all data exchanged between the client and server, protecting it from eavesdropping and tampering. The suite includes several utility programs, such as ssh (the secure shell client), sshd (the secure shell server), scp (secure copy), and sftp (secure file transfer protocol), among others. These tools allow users to securely log in to remote systems, transfer files between systems, and establish secure tunnels for forwarding network connections. OpenSSH is widely used in the Unix-like operating system environment, and it has become the de facto standard for secure remote access. It has also been ported to other operating systems, including Windows, macOS, and various mobile platforms. Its open-source nature allows users to review the source code for security auditing and customization. The development of OpenSSH began in 1999 as a response to the limitations and vulnerabilities of existing remote access protocols. It has since evolved to become a highly secure and reliable solution for remote administration and file transfer. OpenSSH is actively maintained by a team of developers and continually updated to address new security threats and vulnerabilities. Overall, OpenSSH has played a crucial role in the widespread adoption of secure remote access and file transfer protocols. Its robust security features, ease of use, and widespread compatibility have made it an essential tool for individuals and organizations seeking to protect their network communications.

Expert Team

Vivamus eget neque lacus. Pellentesque egauris ex.

Award winning agency

Lorem ipsum, dolor sit amet consectetur elitorceat .

10 Year Exp.

Pellen tesque eget, mauris lorem iupsum neque lacus.

You might be interested in

Aspirin

Aspirin, also known as acetylsalicylic acid, is a medication used to treat pain, fever, and inflammation.

Debian

Debian is a popular operating system that is based on the Linux kernel.

Ed25519

Linux

Linux is a free and open-source operating system based on the Unix operating system.

Microsoft

Microsoft Corporation is an American multinational technology company founded by Bill Gates and Paul Allen in 1975.

OpenSSL

OpenSSL is an open-source software library that provides secure communication over computer networks.

Public-key

Rsync

Rsync is a widely-used utility for file synchronization and transfer.

SHA-2

SHA-2 (Secure Hash Algorithm 2) is a cryptographic hash function designed by the National Security Agency (NSA) and published by the National Institute of Standards and Technology (NIST) as a successor to SHA-1.