100% Free Forever
AI-Powered Learning
Industry Expert Content
Certificates & Badges
Learn At Your Own Pace

What is SSH (Secure Shell)?

Learn what SSH is, how key exchange and authentication work, and why it secures remote access — with networking interview Q&A.

easyQ41 of 224 in Computer Networks Est. time: 5 minsLast updated:
Open Code Lab

Expected Interview Answer

SSH (Secure Shell) is an encrypted application-layer protocol, typically running on TCP port 22, that provides secure remote login, command execution, and file transfer between two hosts by authenticating the connection and encrypting all traffic end to end.

When an SSH client connects, the client and server first perform a key exchange to agree on a shared session key and verify the server’s identity using its host key, protecting against eavesdropping and man-in-the-middle attacks. Authentication then happens either by password or, more securely, by public-key cryptography, where the client proves possession of a private key without ever sending it over the network. Once authenticated, every byte exchanged — commands, output, and any tunneled traffic — is encrypted, which is why SSH replaced Telnet, rlogin, and FTP for interactive administration. Beyond a plain shell, SSH also supports secure file copying (scp, sftp), port forwarding/tunneling, and running remote commands non-interactively, making it a foundational tool for server administration, DevOps automation, and Git-over-SSH workflows.

  • Encrypts the full session, preventing credential and data leakage
  • Supports strong public-key authentication, not just passwords
  • Verifies server identity via host keys to prevent MITM attacks
  • Enables secure file transfer and port tunneling, not just a shell

AI Mentor Explanation

SSH is like a team’s coded sign language and a locked dressing-room door combined — the coach’s instructions are exchanged using pre-agreed signals nobody outside the team can decode, and entry to the dressing room requires a key only trusted players hold. Even if an opponent watches every signal, they cannot reconstruct the actual instruction without the shared code. This dual layer of hidden meaning plus verified identity is exactly how SSH combines encryption with authentication.

Step-by-Step Explanation

  1. Step 1

    TCP connect

    The SSH client opens a TCP connection to the server, typically on port 22.

  2. Step 2

    Key exchange

    Client and server negotiate a shared session key and the server proves its identity via its host key.

  3. Step 3

    Authentication

    The client authenticates using a password or, preferably, a public/private key pair.

  4. Step 4

    Encrypted session

    All subsequent commands, output, and any tunneled traffic are encrypted end to end.

What Interviewer Expects

  • Explains SSH provides both encryption and authentication
  • Distinguishes password auth from stronger public-key auth
  • Mentions host key verification and MITM protection
  • Knows SSH also enables scp/sftp and port forwarding, not just a shell

Common Mistakes

  • Thinking SSH is just an encrypted version of Telnet with no extra features
  • Confusing the public key (shareable) with the private key (must stay secret)
  • Ignoring host key verification prompts ("yes" without checking) in practice
  • Not knowing SSH supports port forwarding and secure file transfer

Best Answer (HR Friendly)

SSH is the secure way to log into and control a remote computer over a network — everything you type and see is encrypted, so even if someone is watching the network traffic, they cannot read your password or commands. It is the standard tool developers and system administrators use every day to manage servers safely.

Code Example

Connecting and authenticating with SSH
# Connect to a remote server using SSH
ssh deploy@203.0.113.10

# Generate a public/private key pair for key-based authentication
ssh-keygen -t ed25519 -C "deploy@laptop"

# Copy the public key to a server to enable passwordless login
ssh-copy-id -i ~/.ssh/id_ed25519.pub deploy@203.0.113.10

# Securely copy a file to a remote host
scp report.pdf deploy@203.0.113.10:/home/deploy/

Follow-up Questions

  • How does SSH public-key authentication actually work under the hood?
  • What is SSH port forwarding used for?
  • What happens if a server's host key changes unexpectedly?
  • How does SSH differ from a VPN in what it protects?

MCQ Practice

1. What TCP port does SSH use by default?

SSH listens on TCP port 22 by default.

2. What does SSH public-key authentication require the client to prove?

The client proves it holds the private key corresponding to an authorized public key, without transmitting the private key itself.

3. Which of these is NOT a capability of SSH?

SSH does not broadcast unencrypted traffic; all its capabilities operate over the encrypted session.

Flash Cards

What is SSH?An encrypted protocol for secure remote login, command execution, and file transfer, typically on TCP port 22.

SSH authentication methods?Password authentication or stronger public/private key authentication.

What is a host key for?Lets the client verify it is connecting to the genuine server, preventing MITM attacks.

What else can SSH do besides a shell?Secure file transfer (scp/sftp) and port forwarding/tunneling.

1 / 4

Continue Learning