Instructor: David Gloag

David has over 40 years of industry experience in software development and information technology and a bachelor of computer science

Security, security, security - the three most important areas in today's Internet-based world! In this lesson, we'll take a look at two important security technologies, SSL and SSH, and how they keep us safe.

Security - Necessity and Convenience

The need for online security is ever-present these days. From a personal perspective, we conduct sensitive purchase transactions over the Internet almost daily. Just think of that music purchase from iTunes, or that small appliance order from Amazon. Transactions like these save time, effort, and, in some cases, money. From a business perspective, employees are taking advantage of the convenience of working remotely from home and connecting to company networks over the Internet. In both of these situations, is it a wonder that some level of security is required? Not really. And technologies like SSL and SSH are making that happen.

What Is SSL?

SSL stands for Secure Sockets Layer. It is technology used for establishing an encrypted connection between a web server and a browser. This process uses a certificate to protect the transmitted information. Certificates are created using two keys, one private, used for decrypting data and known only to you, and one public, used for encrypting data and known to everyone. The certificate is registered as a central body, and only contains the public key. Anyone wishing to have secure communications with you installs your certificate on their machine, and the rest is taken care of by the browser and target server.

Think back to that small appliance order from the Amazon example. You log into your Amazon account, entering your user ID and password. Without the encryption provided by SSL, this information would be transmitted as regular text that's readable to everyone. Anyone with malicious intent could exploit this information by making additional purchases in your name, corrupting important information, or stealing your hard-earned money.

What Is SSH?

SSH stands for Secure Shell. It is technology that allows an encrypted remote login and other services to a network. The finer details aren't important for the purposes of this lesson, but the general process goes as follows. You start out by establishing a connection to the company server. You are then prompted for a user ID and password, which you enter at each prompt. This is similar to what happens when you are sitting in your office at your desk. If successful, you are presented with a command prompt, much like the command line interface of your operating system. A command prompt is simply a means to interact with the computer on a text basis. You type the name of a command and any options you would like executed. From there, the operating system does the rest.

You don't generally see this technology used a lot these days. SSH is used for more administrative tasks where security is of prime importance. Normal users simply don't perform these type of tasks. For example, someone might use SSH to help with the remote mounting of a hard drive volume in the Linux operating system using the command line. Still, even this type of thing is rare, as most operating systems now have graphical user interfaces that make the command line use infrequent.

