6. Secure Shell

Networks often need remote system management, where the admin is in one building and the computer which needs attention is in another. Or programmers might work from home, using a remote access tool to use resources on the computers at work. The traditional tool which allowed these functions was a program called 'telnet', which gave access to a command line interface on the remote system.

The problem with telnet was that it sent everything using plain text. The modern version is SSH, which uses any of several encryption options and has a variety of ways to tell whether the user is authorised to connect to the host system. SSH stands for Secure SHell. "Shell" is a common term for the human/computer interface.

The SSH protocol has been used to provide secure ways to perform other common tasks. Different operating systems may have different tools, but common functions like copying or file management can often be done using tools which run over an encrypted SSH link.

SSH authenticates the computers on the first connection between each pair of computers - the two computers swap public keys, and on each subsequent connection check that the computers can decrypt a message. On the first connection, SSH depends on the user to verify that they have reached the correct computer. On subsequent connections, SSH will warn the user if it is uncertain of the remote computer's identity. Authentication security from that point is up to the user, though SSH will continue to encrypt traffic passing through it.