3.1. Tổng quan about the special point of SSH
The special point of the main SSH protocol is:
- Tính data secret password (mật) of data via the encoding Mạnh tôi
- Tính Full-ven (toàn vẹn) of the information transfer, security đám them not change is variable.
- Chứng minh execute authentication (xác thực) means with certificate to send and format inside inside got
- License (uỷ quyền): used to access control to your account.
- Move next (chuyển tiếp) or create tunnel (đường hầm) to encoding the other version based protocol TCP / IP
3.1.1. Tính secret password (mật)
Tính secret password that is protected data is not displayed Exposure. Network bình máy tính case not security đám tính secret password, bat cứ ai truy cập section of the hard to to host or network connection with the network are will be read all data go qua network. Mặc even the network convert mạch max has the shrink vấn đề in this network local area but it still a problem that is fatal easy password is the bad mark ke cap.
SSH tính provide with the secret password encoded data network qua go. That is the first encoding hai based key random (sinh ra to server version for a connection and is huỷ go on version connection failed). SSH support for many encoding algorithm for data version, that is the toán dựng as standard encoding: AES, ARCFOUR, Blowfish, Twofish, IDEA, DES and triple-DES (3DES)
3.1.2. Tính Full-ven (Liêm)
Tính Full ven means security đám transfer data from a be the first to this network of the first Kia not change is. SSH protocol use method check code Full password Ven, method this check all the data has been changed variable or not to data and wrong with is not start làm Kia hay send. Use it algorithm MD5 hash is the key and SHA-1.
3.1.3. Chứng minh authentication (xác thực)
Chứng minh is authentication check định danh of ai that to defined Fine is wrong user or not that. Each SSH connection include the authentication hai: khách hàng check máy chủ định danh of SSH (máy chủ xác thực) and check máy chủ định danh of the user sr request truy cập (user authentication). Server chan sure that is chứng thực máy chủ SSH Fine not and must be ke lua Islands to đề room ke tấn send the public network connection to a different máy. Server xác thực also protected the bad is ke ngoi at between inside, lua gat both inside means bad ke says it will be with máy chủ client and said it is with khách hàng máy chủ to read data swap between inside.
Xác thực người dùng in traditional as is with the password. Authentication for your định danh, you must be given a password, and easy is get nắp. Add more, easy to memory a password, user ta normal set it and have short ý means that which should be easy ke bad guess ra. Password for you long than ta normal user select from the command or in language should also sinh bám được key is easy.
Support SSH authentication with password, password encoding transfer when it go on network. This is the very large Cải thiện giao against the expression xa truy cập normal from other (Telnet, FTP) that they password send qua network as văn bản rõ ràng. However, the authentication certificate is only as substitution certificate is done password simply because substitution SSH provide database mode Mạnh than and Easy use than: each người dùng have many letter kí key public (mỗi người dùng khoá công khai chữ ký) Cải process and a rlogin kiểu authentication with định danh host be check in public key khai. More than, the bản plugin different of SSH support system including a few bao other Kerberos, RSA, password S / Key one-time and PAM. A SSH client and server SSH Đàm phan with nhau to database specified authentication mode will use based configuration of them and even a server requires can many type execute authentication.
3.1.4. Level the license
Level the license has the tác determine ai that may be or not to make something. Community it ra after authentication, because you cannot accept a ai that have permission to know what when not that is ai. SSH server is how many different to limit of action khách hàng. Access to version login tác dynamic mutually nhau as cổng TCP and X Window chuyển tiếp, chính đại lý giao nhận, ... may be all are not control default not even all are the special point with all available on the plugin bản SSH , and they always or not tống Quất linh want to work as you ý. License can be at a control server level width (for example: / etc / ssh / sshd_config file for OpenSH) or by account depend on the use method authentication.
3.1.5. Forwarding (chuyển tiếp) or create tunnel (đường hầm)
Transition or create tunnel dịch package is closed server based on TCP other as Telnet IMAP or in a SSH version mang the symbol of the results security to SSH with service based on TCP non. For example, a connection Telnet Normal transfer tên người dùng, mật khẩu your login and version of you at format văn bản rõ ràng. Telnet with information how to convert next qua SSH, all data all data will be automatically hoá code check and tra định danh and you can use Authentication trusted tin SSH.
SSH support 3 next convert type:
TCP port forwarding:
SSH use TCP / IP database as transfer mode, normal use port 22 on máy server when it and encoding decode lưu quality network go on. Here we ta said to a special point and encoding decode luồng lưu TCP / IP about the other applications numeric, on port TCP SSH other use. Call this process is cổng chuyển tiếp, it has tính in suốt cao va kha Mạnh. Telnet, SMTP, NNTP, IMAP and the expression giao not secure non run TCP can be with the security đám transition connect qua SSH information. Port forwarding double when is called because đường hầm SSH connection cung a level "tunnel" Xuyên qua TCP connection to other can go through.
Assuming you have a Nhà máy H at running IMAP and you want to connect to a server IMAP on máy S to read and send mail. Normal connection does not this job security một đám Full, account and password is your mail transfer go as văn bản rõ ràng between the program you and the mail server. For SSH port forwarding, you can routing in the connection suốt IMAP (port TCP 143 found on server S) go to transfer via SSH, encoding security đám data transfer go on connection. Máy IMAP must run a server máy chủ SSH cổng chuyển tiếp cho to provide that the security đám.
However, SSH port forwarding only work on protocol TCP and as is not the on the other as protocol UDP hay AppleTalk
X chuyển tiếp
X is a system cửa sổ Phổ variable for the Work xe điện Unix, one of the most special good point of it is suốt tính in. Use X you can run application from X to open the xa window of them on screen display screen your local
Đại lý giao nhận
SSH client can Work with one on the same SSH đại lý máy a. Use a specific chuyển tiếp đại lý call is, khách hàng can also contact with the on the đại lý máy remote. Control Thuận Lợi it is allowed on many khách hàng máy Work with a đại lý and can avoid the problem associated to firewall.