Secure Shell
=={{Anchor|ARCHITECTURE}}Architecture==
[[File:Ssh binary packet alt.svg|right|250px|thumb|Diagram of the SSH-2 binary packet.]]
The SSH protocol has a layered architecture with three separate components:
* The ''transport layer'' ({{IETF RFC|4253}}) typically uses the [[Transmission Control Protocol]] (TCP) of [[TCP/IP]], reserving [[port number#Common port numbers|port number]] 22 as a server listening port. This layer handles initial key exchange as well as server authentication, and sets up encryption, compression, and integrity verification. It exposes to the upper layer an interface for sending and receiving plaintext packets with a size of up to 32,768 bytes each, but more can be allowed by each implementation. The transport layer also arranges for key re-exchange, usually after 1 GB of data has been transferred or after one hour has passed, whichever occurs first.
* The ''user authentication layer'' ({{IETF RFC|4252}}) handles client authentication, and provides a suite of authentication algorithms. Authentication is ''client-driven'': when one is prompted for a password, it may be the SSH client prompting, not the server. The server merely responds to the client's authentication requests. Widely used user-authentication methods include the following:
** ''password'': a method for straightforward password authentication, including a facility allowing a password to be changed. Not all programs implement this method.
** ''publickey'': a method for [[public-key cryptography|public-key-based authentication]], usually supporting at least [[Digital Signature Algorithm|DSA]], [[Elliptic Curve Digital Signature Algorithm|ECDSA]] or [[RSA (algorithm)|RSA]] keypairs, with other implementations also supporting [[X.509]] certificates.
** ''keyboard-interactive'' ({{IETF RFC|4256}}): a versatile method where the server sends one or more prompts to enter information and the client displays them and sends back responses keyed in by the user. Used to provide [[one-time password]] authentication such as [[S/Key]] or [[SecurID]]. Used by some OpenSSH configurations when [[Pluggable authentication modules|PAM]] is the underlying host-authentication provider to effectively provide password authentication, sometimes leading to an inability to log in with a client that supports just the plain ''password'' authentication method.
** [[Generic Security Services Application Program Interface|GSSAPI]] authentication methods, which provide an extensible scheme to perform SSH authentication using external mechanisms such as [[Kerberos (protocol)|Kerberos 5]] or [[NTLM]], providing [[single sign-on]] capability to SSH sessions. These methods are usually implemented by commercial SSH implementations for use in organizations, though OpenSSH does have a working GSSAPI implementation.
* The ''connection layer'' ({{IETF RFC|4254}}) defines the concept of channels, channel requests, and global requests, which define the SSH services provided. A single SSH connection can be multiplexed into multiple logical channels simultaneously, each transferring data bidirectionally. Channel requests are used to relay out-of-band channel-specific data, such as the changed size of a terminal window, or the exit code of a server-side process. Additionally, each channel performs its own flow control using the receive window size. The SSH client requests a server-side port to be forwarded using a global request. Standard channel types include:
** ''shell'' for terminal shells, SFTP and exec requests (including SCP transfers)
** ''direct-tcpip'' for client-to-server forwarded connections
** ''forwarded-tcpip'' for server-to-client forwarded connections
* The [[SSHFP]] DNS record ({{IETF RFC|4255}}) provides the public host key fingerprints in order to aid in verifying the authenticity of the host.

This open architecture provides considerable flexibility, allowing the use of SSH for a variety of purposes beyond a secure shell. The functionality of the transport layer alone is comparable to [[Transport Layer Security]] (TLS); the user-authentication layer is highly extensible with custom authentication methods; and the connection layer provides the ability to multiplex many secondary sessions into a single SSH connection, a feature comparable to [[BEEP]] and not available in TLS.
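The binary packet pictured in the diagram and framed by the transport layer (RFC 4253, section 6) is simple enough to implement directly. The following Python is an added example, not code from the Wikipedia article or from any SSH implementation: it frames a plaintext payload as `packet_length | padding_length | payload | random padding | MAC`, and parses such a packet back while enforcing the RFC's length rules before touching any data (at least 4 bytes of padding, block alignment to `max(8, block_size)`, the 35,000-byte total and 32,768-byte payload limits). It assumes the `hmac-sha2-256` integrity algorithm (RFC 6668, a 32-byte tag over `sequence_number || unencrypted_packet`) and leaves encryption out so the framing is visible; the function names `build_packet`, `parse_packet` and `is_valid_packet` are the example's own.

```python
import hashlib
import hmac
import os
import struct
from typing import Optional, Tuple

# Limits from RFC 4253 section 6.1 (the minimums every implementation must accept)
MAX_PAYLOAD = 32768
MAX_PACKET = 35000
MIN_PADDING = 4          # RFC 4253 section 6: padding is at least 4 and at most 255 bytes
MAC_LENGTH = 32          # hmac-sha2-256 (RFC 6668), assumed for this example


def _mac(key: bytes, seq: int, body: bytes) -> bytes:
    # RFC 4253 section 6.4: mac = MAC(key, sequence_number || unencrypted_packet),
    # where sequence_number is a uint32 that wraps at 2**32 and counts every packet.
    return hmac.new(key, struct.pack(">I", seq & 0xFFFFFFFF) + body, hashlib.sha256).digest()


def build_packet(payload: bytes, block_size: int = 8,
                 mac_key: Optional[bytes] = None, seq: int = 0) -> bytes:
    """Frame `payload` as an SSH-2 binary packet.

    packet_length counts padding_length, payload and padding (not itself, not the MAC).
    The bytes packet_length..padding must total a multiple of max(8, block_size).
    """
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds the 32768-byte limit")
    align = max(8, block_size)
    padding_length = align - ((4 + 1 + len(payload)) % align)
    if padding_length < MIN_PADDING:          # never pad with fewer than 4 bytes
        padding_length += align
    packet_length = 1 + len(payload) + padding_length
    body = struct.pack(">IB", packet_length, padding_length) + payload + os.urandom(padding_length)
    return body + (_mac(mac_key, seq, body) if mac_key is not None else b"")


def parse_packet(buf: bytes, block_size: int = 8,
                 mac_key: Optional[bytes] = None, seq: int = 0) -> Tuple[bytes, bytes]:
    """Validate one packet at the front of `buf`; return (payload, remaining bytes).

    Every length is checked against the declared fields before any slice is taken,
    so a hostile packet_length cannot drive an oversized allocation or an out-of-range read.
    """
    if len(buf) < 5:
        raise ValueError("truncated: need packet_length and padding_length")
    packet_length, padding_length = struct.unpack(">IB", buf[:5])
    if 4 + packet_length > MAX_PACKET:
        raise ValueError("packet_length exceeds the 35000-byte limit")
    if padding_length < MIN_PADDING:
        raise ValueError("padding_length below 4")
    if packet_length < 1 + padding_length:
        raise ValueError("packet_length too small for the declared padding")
    if (4 + packet_length) % max(8, block_size) != 0:
        raise ValueError("packet is not aligned to the cipher block size")
    mac_length = MAC_LENGTH if mac_key is not None else 0
    total = 4 + packet_length + mac_length
    if len(buf) < total:
        raise ValueError("truncated packet")
    body, tag, rest = buf[:4 + packet_length], buf[4 + packet_length:total], buf[total:]
    if mac_key is not None and not hmac.compare_digest(tag, _mac(mac_key, seq, body)):
        raise ValueError("MAC verification failed")
    payload_len = packet_length - padding_length - 1
    return body[5:5 + payload_len], rest


def is_valid_packet(buf: bytes, block_size: int = 8,
                    mac_key: Optional[bytes] = None, seq: int = 0) -> bool:
    """Boolean wrapper used to show accept/reject decisions without exceptions."""
    try:
        parse_packet(buf, block_size, mac_key, seq)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    key = bytes(32)                                # constructed demo key, not a derived session key
    pkt = build_packet(b"hello", mac_key=key, seq=3)
    print(parse_packet(pkt, mac_key=key, seq=3))   # (b'hello', b'')
    print(is_valid_packet(pkt, mac_key=key, seq=4))  # False: wrong sequence number
```

A receiver that validates `packet_length` only after reading the whole packet is the classic mistake here; the order of the checks in `parse_packet` (limit, padding, alignment, then availability, then MAC) is the defensive point the example is meant to show.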
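The SSHFP record mentioned in the last bullet is a fingerprint of the host's public key published in DNS; a client can compare it against the key the server presents. The Python below is an added example, not code from the article or from OpenSSH: it derives the SSHFP RDATA (`algorithm fingerprint-type hex`) from an OpenSSH-format public-key line using the code points from RFC 4255, RFC 6594 and RFC 7479, checks that the key type inside the wire-encoded blob agrees with the text label, and matches a key against a set of records. The sample ed25519 key is constructed (its 32 key bytes are simply 0x00..0x1f); `sshfp_rdata` and `host_key_matches_sshfp` are names chosen for the example. RFC 4255 requires that records be trusted only when the lookup is DNSSEC-validated, so the matching function is written as the step that follows such a lookup, not as a replacement for it.

```python
import base64
import hashlib
import struct
from typing import Iterable, Tuple

# SSHFP algorithm numbers (RFC 4255: 1 RSA, 2 DSA; RFC 6594: 3 ECDSA; RFC 7479: 4 Ed25519)
SSHFP_ALGORITHM = {
    "ssh-rsa": 1,
    "ssh-dss": 2,
    "ecdsa-sha2-nistp256": 3,
    "ecdsa-sha2-nistp384": 3,
    "ecdsa-sha2-nistp521": 3,
    "ssh-ed25519": 4,
}
# SSHFP fingerprint types (RFC 4255: 1 SHA-1; RFC 6594: 2 SHA-256)
SSHFP_FPTYPE = {"sha1": 1, "sha256": 2}


def _ssh_string(data: bytes) -> bytes:
    """Encode an SSH 'string': uint32 big-endian length followed by the bytes (RFC 4251)."""
    return struct.pack(">I", len(data)) + data


def _read_ssh_string(blob: bytes, offset: int = 0) -> Tuple[bytes, int]:
    """Decode one SSH 'string' at `offset`, refusing to read past the end of the blob."""
    if len(blob) < offset + 4:
        raise ValueError("truncated key blob")
    (n,) = struct.unpack(">I", blob[offset:offset + 4])
    if len(blob) < offset + 4 + n:
        raise ValueError("truncated key blob")
    return blob[offset + 4:offset + 4 + n], offset + 4 + n


def sshfp_rdata(pubkey_line: str, fp_type: str = "sha256") -> str:
    """Return '<algorithm> <fptype> <hex>' for a '<type> <base64 blob> [comment]' key line."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, blob = fields[0], base64.b64decode(fields[1], validate=True)
    # The blob begins with its own key-type string; it must agree with the textual label,
    # otherwise a record would be computed for a key the label misdescribes.
    inner_type, _ = _read_ssh_string(blob)
    if inner_type.decode("ascii", "replace") != key_type:
        raise ValueError(f"label {key_type!r} does not match blob type {inner_type!r}")
    if key_type not in SSHFP_ALGORITHM:
        raise ValueError(f"no SSHFP algorithm number for {key_type!r}")
    # RFC 4255 section 3.1.3: the fingerprint is the hash of the wire-encoded public key blob
    digest = hashlib.new(fp_type, blob).hexdigest()
    return f"{SSHFP_ALGORITHM[key_type]} {SSHFP_FPTYPE[fp_type]} {digest}"


def host_key_matches_sshfp(pubkey_line: str, records: Iterable[str]) -> bool:
    """True if any record (from a DNSSEC-validated SSHFP lookup) matches the presented key.

    Records are compared after whitespace normalisation and lower-casing the hex, since
    zone files and resolvers differ in how they print RDATA.
    """
    try:
        candidates = {sshfp_rdata(pubkey_line, t) for t in SSHFP_FPTYPE}
    except ValueError:
        return False
    return any(" ".join(r.lower().split()) in candidates for r in records)


# Constructed sample key (not a real host key): ssh-ed25519 with public bytes 0x00..0x1f
_SAMPLE_BLOB = _ssh_string(b"ssh-ed25519") + _ssh_string(bytes(range(32)))
SAMPLE_KEY_LINE = "ssh-ed25519 " + base64.b64encode(_SAMPLE_BLOB).decode() + " example-host"

if __name__ == "__main__":
    record = sshfp_rdata(SAMPLE_KEY_LINE)
    print(record)                                              # "4 2 <64 hex characters>"
    print(host_key_matches_sshfp(SAMPLE_KEY_LINE, [record]))   # True
```

The fingerprint is taken over the whole wire-encoded blob, which is also what `ssh-keygen -r` hashes, so a record produced this way can be compared directly with one published for the host.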