SSH and SSL: What’s the Difference?

SSH stands for Secure Shell, it is used to establish a secure connection to servers or other machines. This is usually done via a user name and password or a certificate. It is usually done over port 22. It allows the user to know that the traffic between two machines is encrypted.

 

SSL stands for Secure Sockets Layer and usually operates over port 443. It is usually used to connect to websites securely, without the need to authenticate for a connection. SSL is usually implemented when sensitive details are been passed to a website, such as bank details. When SSL is implemented the user can be certain that his or her details are encrypted between his or her machine.

 

SSL uses certificates to authenticate. These certificates need to be verified by a certificate authority. Once the two parties are connected the information that is being passed between the two is secured by encryption. SSL uses a handshake procedure to allow the two systems to connect. During the handshake the parties agree various things such as SSL version.

 

SSH is usually used for transferring commands onto a server in a secure fashion while SSL is typically used to secure details such as bank details securely across the internet. SSH was created to improve on Telnet which was unprotected and on FTP.

 

SSL operates on the presentation layer while SSH operates on the application layer, i.e. only what is being passed through the SSH tunnel is being encrypted.

 

SSH and SSL both use similar cryptograhy techniques such as RSA which stands for Ron Rivest, Adi Shamir and Leonard Adleman (the creators of the cryptosystem) so both are as secure as one another. However, as we saw from the discussion above, SSH and SSL are quite different in what they do.

Leave a Reply

Your email address will not be published. Required fields are marked *