SSH Frequently Asked Questions
What's the difference between SSH and SSL/TLS?
SSL stands for "Secure Sockets Layer;" TLS, for "Transport Layer
Security." SSL was developed by Netscape for use in securing HTTP. That
is still its principal use, although there is nothing specific to HTTP
about SSL. When a browser accesses a URL which begins with "https", it
speaks HTTP over an SSL connection. TLS is the name of the IETF protocol
standard that grew out of SSL 3.0, and is documented by RFC 2246. We will use the term "TLS."
TLS has goals and features similar to those of the SSH Transport and User
Authentication protocols. It provides a single, full-duplex byte stream
to clients, with cryptographically assured privacy and integrity, and
optional authentication. It differs from SSH in the following principal
- TLS server authentication is optional: the protocol supports fully
anonymous operation, in which neither side is authenticated. Such
connections are inherently vulnerable to man-in-the-middle attacks. In SSH-TRANS,
server authentication is mandatory, which protects against such attacks.
Of course, it is always possible for a client to skip the step of
verifying that the public key supplied by the server actually belongs to
the entity the client intended to contact (e.g. using the
/etc/ssh_known_hosts file). However, SSH-TRANS at least
demands going through the motions.
- Both client and server authentication are done with X.509 public-key
certificates. This makes TLS a bit more cumbersome to use than SSH in
practice, since it requires a functioning public-key infrastructure (PKI)
to be in place, and certificates are more complicated things to generate
and manage than SSH keys. However, a PKI system provides scalable key
management for your trouble, which SSH currently lacks.
- TLS does not provide the range of client authentication options that
SSH does; public-key is the only option.
- TLS does not have the extra features provided by the other SSH
component: the SSH Connection Protocol (SSH-CONN). SSH-CONN uses the
underlying SSH-TRANS connection to provide muliple logical data channels to
the application, as well as support for remote program execution, terminal
management, tunnelled TCP connections, flow control, etc.