Editing
Secure Shell
(section)
==Historical development==
===Version 1===
In 1995, '''Tatu Ylönen''', a researcher at [[Helsinki University of Technology]] in Finland, designed the first version of the protocol (now called '''SSH-1'''), prompted by a password-[[Packet analyzer|sniffing]] attack at his [[university network]].<ref>{{cite web|author=Tatu Ylönen|url=https://www.scmagazineuk.com/the-new-skeleton-key-changing-the-locks-in-your-network-environment/article/545848/|title=The new skeleton key: changing the locks in your network environment|url-status=dead|archive-url=https://web.archive.org/web/20170820162632/https://www.scmagazineuk.com/the-new-skeleton-key-changing-the-locks-in-your-network-environment/article/545848/|archive-date=2017-08-20}}</ref> The goal of SSH was to replace the earlier [[rlogin]], [[TELNET]], [[FTP]]<ref>{{cite web|url=https://www.ssh.com/ssh/port|title=SSH Port|author=Tatu Ylönen|url-status=live|archive-url=https://web.archive.org/web/20170803235736/https://www.ssh.com/ssh/port|archive-date=2017-08-03}}</ref> and [[Remote Shell|rsh]] protocols, which did not provide strong authentication or guarantee confidentiality. He chose the port number 22 because it is between <code>telnet</code> (port 23) and <code>ftp</code> (port 21).<ref>{{Cite web |last=Ylönen |first=Tatu |title=The story of the SSH port is 22. |url=https://www.ssh.com/academy/ssh/port |access-date=2023-11-30 |website=www.ssh.com |language=en}}</ref> Ylönen released his implementation as [[freeware]] in July 1995, and the tool quickly gained popularity. Towards the end of 1995, the SSH user base had grown to 20,000 users in fifty countries.<ref>{{Cite book |last1=Barrett |first1=Daniel J. |title=SSH, the secure shell: the definitive guide |last2=Silverman |first2=Richard E. |date=2001 |publisher=O'Reilly |isbn=978-0-596-00011-0 |edition=1st |location=Cambridge [Mass.] |page=11}}</ref> In December 1995, Ylönen founded SSH Communications Security to market and develop SSH.
The original version of the SSH software used various pieces of [[free software]], such as [[GNU Multi-Precision Library|GNU libgmp]], but later versions released by SSH Communications Security evolved into increasingly [[proprietary software]]. It was estimated that by 2000 the number of users had grown to 2 million.<ref name="Nicholas Rosasco and David Larochelle">{{cite web |author = Nicholas Rosasco and David Larochelle |title = How and Why More Secure Technologies Succeed in Legacy Markets: Lessons from the Success of SSH |publisher = Dept. of Computer Science, Univ. of Virginia |work = Quoting [[Daniel J. Barrett|Barrett]] and Silverman, SSH, the Secure Shell: The Definitive Guide, O'Reilly & Associates (2001) |url = http://www.cs.virginia.edu/~drl7x/sshVsTelnetWeb3.pdf |access-date = 2006-05-19 |url-status = live |archive-url = https://web.archive.org/web/20060625065258/http://www.cs.virginia.edu/~drl7x/sshVsTelnetWeb3.pdf |archive-date = 2006-06-25 }}</ref>

===Version 2===
In 2006, after being discussed in a working group named "secsh",<ref>[https://datatracker.ietf.org/wg/secsh/documents/ IETF (Internet Engineering Task Force): datatracker for secsh ]</ref> a revised version of the SSH protocol, '''SSH-2''', was adopted as a standard.<ref name="rfc-ssh">[https://datatracker.ietf.org/doc/html/rfc4252 RFC4252: The Secure Shell (SSH) Authentication Protocol, Jan 2006]</ref> This version offers improved security and new features, but is not compatible with SSH-1. For example, it introduces new key-exchange mechanisms like [[Diffie–Hellman key exchange]] and improved [[data integrity]] checking via [[message authentication code]]s like [[MD5]] or [[SHA-1]], which can be negotiated between client and server.
SSH-2 also adds stronger encryption methods like [[Advanced_Encryption_Standard|AES]], which eventually replaced weaker and compromised ciphers from the previous standard like [[Triple DES|3DES]].<ref>[https://docstore.mik.ua/orelly/networking_2ndEd/ssh/ch03_05.htm O'Reilly: Secure Shell, The Definitive Guide]</ref><ref>[https://datatracker.ietf.org/doc/html/rfc4250#page-16 RFC4250: The Secure Shell (SSH) Protocol: Assigned names, Jan 2006, page 16]</ref><ref name="rfc-ssh">[https://datatracker.ietf.org/doc/html/rfc4252 RFC4252: The Secure Shell (SSH) Authentication Protocol, Jan 2006]</ref> New features of SSH-2 include the ability to run any number of [[Unix shell|shell]] sessions over a single SSH connection.<ref>{{cite web|url=http://www.snailbook.com/faq/ssh-1-vs-2.auto.html|title=SSH Frequently Asked Questions|url-status=live|archive-url=https://web.archive.org/web/20041010035705/http://www.snailbook.com/faq/ssh-1-vs-2.auto.html|archive-date=2004-10-10 }}</ref> Due to SSH-2's superiority and popularity over SSH-1, some implementations such as libssh (v0.8.0+),<ref>{{cite web|url=https://www.libssh.org/2018/08/10/libssh-0-8-0/|title=libssh}}</ref> [[Lsh]]<ref>{{cite web|url=http://www.lysator.liu.se/~nisse/lsh/|title=A GNU implementation of the Secure Shell protocols|url-status=live|archive-url=https://web.archive.org/web/20120204035753/http://www.lysator.liu.se/~nisse/lsh/|archive-date=2012-02-04}}</ref> and [[Dropbear (software)|Dropbear]]<ref>{{cite web|url=https://matt.ucc.asn.au/dropbear/dropbear.html|title=Dropbear SSH|url-status=live|archive-url=https://web.archive.org/web/20111014091250/http://matt.ucc.asn.au/dropbear/dropbear.html|archive-date=2011-10-14}}</ref> eventually supported only the SSH-2 protocol.

===Version 1.99===
In January 2006, well after version 2.1 was established, {{IETF RFC|4253}} specified that an SSH server supporting 2.0 as well as prior versions should identify its protocol version as 1.99.<ref>{{cite ietf|rfc=4253|title=The Secure Shell (SSH) Transport Layer Protocol|section=5.1|sectionname=Old Client, New Server|first1=T.|last1=Ylonen|first2=C.|last2=Lonvick|publisher=IETF}}</ref> This version number does not reflect a historical software revision, but a method to identify [[backward compatibility]].

==={{Anchor|OSSH}}OpenSSH and OSSH===
In 1999, developers, desiring availability of a free software version, restarted software development from the 1.2.12 release of the original SSH program, which was the last released under an [[open source license]].<ref>[https://marc.info/?l=secure-shell&m=88561413417101 ssh-1.2.13 now available: copying policy changed (permission now required to sell ssh commercially, use is still permitted for any purpose)]</ref> This served as a code base for Björn Grönvall's OSSH software.<ref>[http://www.mirrorservice.org/sites/ftp.wiretapped.net/pub/security/cryptography/apps/ssh/OSSH/ OSSH sources]</ref> Shortly thereafter, [[OpenBSD]] developers [[fork (software development)|fork]]ed Grönvall's code and created [[OpenSSH]], which shipped with Release 2.6 of OpenBSD. From this version, a "portability" branch was formed to port OpenSSH to other operating systems.<ref>{{cite web |url=http://www.openssh.com/history.html |title=OpenSSH: Project History and Credits |date=2004-12-22 |access-date=2014-04-27 |publisher=openssh.com |url-status=live |archive-url=https://web.archive.org/web/20131224105341/http://openssh.com/history.html |archive-date=2013-12-24 }}</ref> {{As of|2005}}, [[OpenSSH]] was the single most popular SSH implementation, being the default version in a large number of operating system distributions.
OSSH meanwhile has become obsolete.<ref>{{cite web|date=2006-02-15|title=OSSH Information for VU#419241|url=https://www.kb.cert.org/vuls/id/MIMG-6L4LBL|url-status=live|archive-url=https://web.archive.org/web/20070927231942/https://www.kb.cert.org/vuls/id/MIMG-6L4LBL|archive-date=2007-09-27|website=CERT Coordination Center|quote=Either way ossh is old and obsolete and I don't recommend its use.}}</ref> OpenSSH continues to be maintained and supports the SSH-2 protocol, having expunged SSH-1 support from the codebase in the OpenSSH 7.6 release.

=== Future ===
In 2023, an alternative to traditional SSH was proposed under the name SSH3<ref>{{cite web|date=2024-08-01|website=datatracker.ietf.org|title=Remote terminal over HTTP/3 connections|url=https://datatracker.ietf.org/doc/draft-michel-remote-terminal-http3}}</ref><ref>{{cite web|date=2024-02-28|website=www.ietf.org|title=Secure shell over HTTP/3 connections|url=https://www.ietf.org/archive/id/draft-michel-ssh3-00.html}}</ref><ref>{{cite arXiv|date=2023-12-12|title=Towards SSH3: how HTTP/3 improves secure shells|eprint=2312.08396 |last1=Michel |first1=François |last2=Bonaventure |first2=Olivier |class=cs.NI }}</ref> by PhD student François Michel and Professor Olivier Bonaventure, and its code has been made open source.<ref>{{cite web|date=2024-07-12|website=github.com|title=ssh3|url=https://github.com/francoismichel/ssh3}}</ref> This new version implements the original SSH Connection Protocol but operates on top of [[HTTP/3]], which runs on [[QUIC]]. It offers multiple features such as:
* Faster session establishment, reducing the number of [[Round-trip delay]]s from 5-7 to 3.
* High security: while SSHv2 relies on its own protocols, SSH3 leverages [[TLS 1.3]], [[QUIC]], and [[HTTP]].
* UDP port forwarding
* X.509 certificates
* OpenID Connect

However, the name SSH3 is under discussion, and the project aims to rename itself to a more suitable name.<ref>{{cite web|date=2024-02-28|website=datatracker.ietf.org|title=Secure shell over HTTP/3 connections|url=https://datatracker.ietf.org/doc/draft-michel-ssh3/}}</ref> The discussion stems from the fact that this new implementation significantly revises the SSH protocol, suggesting it should not be called SSH3.
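
The version 1.99 convention and the removal of SSH-1 support described above can be checked from a server's identification string. The following Python sketch is an added example, not part of the article or of any SSH implementation: it classifies greetings by the protocol versions they advertise, using the RFC 4253 identification-string layout. The function names, host names and software names are hypothetical, and the sample greetings are constructed.

```python
import re

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments CR LF",
# at most 255 bytes including CR LF. protoversion is printable ASCII without
# whitespace or '-'. A '-' inside softwareversion is tolerated here
# (assumption: an audit should still classify such a banner).
_ID_RE = re.compile(rb"^SSH-([!-,.-~]+)-([!-~]+)(?: (.*))?$")
MAX_ID_LEN = 255

def classify_banner(raw: bytes) -> dict:
    """Classify one server greeting by the SSH protocol versions it offers."""
    # A server may send other lines first; the identification string is
    # the first line that starts with "SSH-".
    for line in raw.split(b"\n"):
        if line.startswith(b"SSH-"):
            break
    else:
        return {"status": "invalid", "reason": "no identification string"}
    if len(line) + 1 > MAX_ID_LEN:  # +1 for the LF removed by split()
        return {"status": "invalid", "reason": "identification string too long"}
    m = _ID_RE.match(line.rstrip(b"\r"))
    if m is None:
        return {"status": "invalid", "reason": "malformed identification string"}
    proto = m.group(1).decode("ascii")
    software = m.group(2).decode("ascii")
    if proto == "2.0":
        status = "ssh2-only"
    elif proto == "1.99":
        # RFC 4253 section 5.1: an SSH-2 server that also accepts old clients.
        status = "ssh2-with-ssh1-compat"
    elif proto.startswith("1."):
        status = "ssh1-only"
    else:
        status = "unknown-version"
    return {"status": status, "protoversion": proto, "software": software}

def hosts_offering_ssh1(banners: dict) -> list:
    """Return the hosts whose greeting shows SSH-1 is still accepted."""
    flagged = {"ssh1-only", "ssh2-with-ssh1-compat"}
    return sorted(host for host, raw in banners.items()
                  if classify_banner(raw)["status"] in flagged)

# Constructed sample greetings (hypothetical hosts and software names).
SAMPLE = {
    "host-a": b"SSH-2.0-ExampleSSH_9.0\r\n",
    "host-b": b"SSH-1.99-ExampleSSH_3.1 legacy build\r\n",
    "host-c": b"Welcome to host-c\r\nSSH-1.5-ExampleSSH_1.2\n",
    "host-d": b"HTTP/1.1 400 Bad Request\r\n",
}
```

Calling `hosts_offering_ssh1(SAMPLE)` lists the hosts that still need their SSH-1 compatibility turned off or their server software replaced.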