Connecting to Remote Systems With OpenSSH
Overview of the OpenSSH suite and how it secures connections between systems.
OpenSSH secures communications between networked systems.
This content was tested on Oracle Linux 8, Oracle Linux 9, and Oracle Linux 10. The procedures generally apply to other Oracle Linux releases and might also apply to other distributions.
OpenSSH includes the following tools:
scpprovides secure file copying.sftpimplements the Secure File Transfer Protocol (FTP).sshprovides a secure shell to log in to or run commands on a remote system.sshdis the daemon that supports the OpenSSH services.ssh-keygencreates SSH authentication keys.
The Digital Signature Algorithm (DSA) is considered deprecated. As such, authentication mechanisms that depend on DSA keys don't work in the default configuration for Oracle Linux 8 or later. Note also that OpenSSH clients don't accept DSA host keys, even at the LEGACY system-wide cryptographic policy level on Oracle Linux 8 or later.
Unlike utilities such as rcp, ftp, telnet, rsh, and rlogin, OpenSSH tools encrypt all network packets between the client and server, including password authentication.
To use the OpenSSH tools, you must have an account on both the client and server systems. You don't need to configure these accounts identically on each system. OpenSSH uses the SSH version 2 (SSH2) protocol. You can use any SSH2 client to access an OpenSSH server, and you can use the OpenSSH client to access any SSH2 server.
OpenSSH also provides a secure way to use graphical applications over a network through X11 forwarding. You can use port forwarding as another option to secure otherwise insecure TCP/IP protocols.