How SSH Works

Captions
Let's talk about the SSH protocol. So this was first developed in 1995 by Tatu Ylönen, and I know I'm probably pronouncing that wrong, but he was first inspired to develop this protocol after he discovered that there was a password sniffer being used on his Finnish university's network. So you see, SSH, it stands for Secure Shell. Before its invention, people would have typically been using connections like telnet or rlogin to administer remote machines, but the problem with telnet and rlogin is that they are not secure at all: the packets that are sent with these network protocols are all sent in the clear.

Now, back in the early 90s, before SSH was invented (because with telnet, I think that that was invented in the early 70s), you know, these kinds of connections that were being made at the time being unencrypted wasn't really that big of a concern, because the Internet wasn't really fleshed out that much. So most of the time, if you were connecting to a so-called remote machine, it still would have typically been on the same network; you know, maybe it's a server that's located somewhere else in the building of a campus. But as things progressed and people started sending more and more connections over the Internet, over a much larger network where anybody could be listening in between, well, you can probably see how plain text connections would be a problem in this day and age, since these connections are oftentimes used to administer really important machines, like servers that might have a website running on them, and you have the administrators who have to enter some kind of a username or password to do work on those machines. So if somebody gets those credentials, then it can really wreak some havoc. So it's very important to use a secure connection whenever you're on an insecure network, and even when you're dealing with local networks, really, because it can be pretty hard to know for sure if your local network is secure when you have a whole lot of people using it, a whole lot of devices running on it. I mean, in this example, the password sniffer was being used on the university's network, right?

So with SSH, we are encrypting the data that is being sent over a network. So if somebody is going to be sniffing this traffic (because there's really nothing that we can do to prevent someone from sniffing it), uh, they're copying our packets and trying to inspect them, they're not going to be able to see things like usernames and passwords to log into the remote machine. Now, of course, an adversary, they can still see that there is data being transmitted, so they could tell, okay, this person is making an SSH connection; they can see the frequency of those packets that are being sent, and they can see how many of them are being sent. So there are some inferences that an adversary could make if they're listening in on this connection, but not a whole lot more. It's kind of like if you were to look outside and notice that your neighbor is getting a whole bunch of packages delivered to their house: you could speculate about what they are or what they might be doing, and maybe they're building a new PC or something, but you can't see inside the boxes, so you can't know for sure.

Now let's get a bit more technical, because SSH, it does more than just encrypt your data. Let's take a look at how the SSH connections are set up and what the packets themselves look like. So when you initiate an SSH connection, you first are establishing a TCP connection between the two machines. Well, usually; you can technically do SSH over something like WebSockets, but generally you're going to be using TCP.

Now for the packet itself. At the beginning of it is the packet length, which is four bytes in size, and it simply tells us how big the packet is going to be. Then you have another byte which tells us how much padding the packet is going to have. Then you have the payload, so this is the actual data that you want. And then you have the actual padding, so this isn't the padding size; this is what we were referring to before, we were talking about how big the padding is, uh, and it can vary, that's why we define the amount at the beginning. Now, to explain this padding simply, it's just random bytes that don't have any real meaning other than to be combined with the payload and then have the whole thing encrypted, in order to make it harder for somebody who is sniffing this traffic to detect exactly what is going on. Like I mentioned earlier, the encryption just makes it so that you can't read the data plainly, but you can still try to infer things from the amount of data being transferred and how it's being transferred, so the padding makes this a bit more difficult to do. I guess it's sort of like if your neighbor had decoy packages on their porch mixed in with the real ones. And then you have at the end a message authentication code, which is sometimes called a tag, which is used to validate the authenticity of the package. Basically, it tells the recipient that none of the data in the packet had been tampered with along the way. And also, some kind of compression is oftentimes applied to the payload so that you can send more data without having to use more bandwidth, because chances are that's going to be the bottleneck here in the connection, is the bandwidth.

So this is the plain text structure, but then when the packet is encrypted, all that anybody that is in the middle listening to this communication can read is the packet length and then the message authentication code. Now, the particular encryption that is used for all of this is negotiated between the client and the server. Of course, either the client or the server could configure their preferences to disable the use of weaker encryption algorithms, and that's actually an ongoing recommendation as different encryption methods become obsolete over time. And this process is then repeated for multiple packets in a continuous way so that your communications, well, your communications of course are always going to be made up of many, many packets, so this is so that they're all going in the right order and nothing's getting messed up.

Now, on top of this, you also have a series of channels that are being opened between your machine and the server, and what this enables you to do is to have multiple connections between you and the server at once, like if your terminal has tabs, or if you open up multiple terminals if it doesn't have tabs for whatever reason. And you might have multiple connections to the same server, so maybe you have one that's uploading some data, another one downloading, and another one that you're actually really just using the shell in, like some kind of terminal-based text editor to change configurations, and then maybe you're saving and then restarting some services, whatnot. And you could also have a fourth connection going, acting as like an SSH tunnel, so taking something that would normally be encrypted or normally not encrypted and then tunneling it through SSH. So all of this is made possible, and it can be done at once, with the multiplexing.

So SSH actually has a lot to it that you might not have previously thought about or known about. And another cool thing that you could do with it, particularly in a Linux environment, is you could have X11, which is basically the core windowing system for Linux operating systems (well, there's Wayland now too, which maybe you can do over SSH, but X is still more widely used). Anyway, it's possible to forward X11 over SSH, which means that it allows you to run graphical applications on a remote machine over that SSH connection. So pretty cool, right? And then of course there's the tunneling that I mentioned earlier, which can let you do things over an encrypted tunnel through SSH, or if you wanted to connect to a service behind a firewall, you might also accomplish that with SSH tunneling.

So that wraps up this summary for how SSH works. If you found this video useful, be sure to leave a like, comment, and share the video with your friends, as well as subscribe to my Odysee channel for more great videos, and you have a great rest of your day.
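The packet layout described in the captions above (4-byte length, 1-byte padding length, payload, random padding, MAC), as an added example that is not part of the video or of this page. It assumes HMAC-SHA-256 as the MAC and 8-byte alignment, the function names are hypothetical, and the encryption and compression steps are left out so the fields stay readable.

```python
import hashlib, hmac, os, struct

BLOCK = 8           # alignment used when no block cipher is active (RFC 4253, section 6)
MAC_LEN = 32        # HMAC-SHA-256 tag size; the MAC algorithm is an assumption here
MAX_PACKET = 35000  # upper bound this example accepts for one packet

def _tag(key, seq, packet):
    # The MAC covers an implicit 32-bit sequence number plus the unencrypted packet,
    # so a reordered or replayed packet fails verification.
    return hmac.new(key, struct.pack(">I", seq) + packet, hashlib.sha256).digest()

def build_packet(payload, seq, key):
    # Padding is at least 4 random bytes and rounds the packet up to a BLOCK multiple.
    pad_len = BLOCK - (5 + len(payload)) % BLOCK
    if pad_len < 4:
        pad_len += BLOCK
    body = bytes([pad_len]) + payload + os.urandom(pad_len)
    packet = struct.pack(">I", len(body)) + body  # packet_length excludes itself and the MAC
    return packet + _tag(key, seq, packet)        # real SSH encrypts `packet` before sending

def parse_packet(wire, seq, key):
    if len(wire) < 4 + 1 + 4 + MAC_LEN:
        raise ValueError("truncated packet")
    (packet_length,) = struct.unpack(">I", wire[:4])
    end = 4 + packet_length
    if packet_length > MAX_PACKET or len(wire) != end + MAC_LEN:
        raise ValueError("bad packet length")
    packet, tag = wire[:end], wire[end:]
    if not hmac.compare_digest(tag, _tag(key, seq, packet)):  # constant-time compare
        raise ValueError("MAC mismatch")
    pad_len = packet[4]
    if pad_len < 4 or pad_len + 1 > packet_length:
        raise ValueError("bad padding length")
    return packet[5:end - pad_len]

def demo():
    key = b"constructed-demo-key"  # constructed sample key, not a negotiated one
    wire = build_packet(b"ls -la\n", 0, key)
    tampered = wire[:6] + bytes([wire[6] ^ 1]) + wire[7:]  # flip one payload bit
    results = {"payload": parse_packet(wire, 0, key)}
    for name, data, seq in (("tampered", tampered, 0), ("wrong_seq", wire, 1)):
        try:
            parse_packet(data, seq, key)
            results[name] = "accepted"
        except ValueError as exc:
            results[name] = str(exc)
    return results

if __name__ == "__main__":
    print(demo())
```

The receiver verifies the MAC before it trusts the padding length, so a modified or out-of-order packet is rejected before any field inside it is interpreted.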
Info
Channel: Mental Outlaw
Views: 493,076
Keywords: Mental Outlaw, mental, outlaw, ssh, how ssh works, secure shell, how secure shell works, ssh explained, ssh protocol, remote shell, how does ssh work, secure shell explained, ssh websockets, ssh tcp, ssh tunnel, ssh multiplexing
Id: 5JvLV2-ngCI
Length: 8min 54sec (534 seconds)
Published: Thu Apr 07 2022