SSH and SSL are both cryptographic protocols used for creating a secure connection to exchange confidential/sensitive data by ensuring its integrity.
SSH and SSL are build based public-private key pair.
SSH - Securing computer networks
SSH (Secure Shell) is a cryptographic network protocol designed for securing network services and communications over an unsecured network by using login and password authentication.
SSH enables the creation of a secure channel in order to remotely login to a computer system or network. Although it has SSL under the hood, SSH’s application is securing computer network tunnels.
SSL – Securing web data transfers
SSL (Secure Sockets Layer) is a cryptographic protocol which ensures the encryption/decryption of the information exchanged between the client (browser) and the server (website).
When a browser visits a URL which begins with "https://", the browser speaks HTTP over an SSL connection.
SSL is a Protocol that could be implemented in the 6th layer (Presentation layer) of the OSI Model.
SSL stands for "Secure Sockets Layer;" TLS, for "Transport Layer Security." SSL was developed by Netscape for use in securing HTTP.
FTP is a TCP-based protocol. Hence, it can be very useful for downloading/uploading files over a LAN or even through the Internet. However, FTP was designed at a time when the use of the Internet was limited to a few organizations and network-based threats were non-existent.
Today, a multitude of threats already exist and FTP connections can be compromised through man-in-the-middle, brute force, and other forms of cyber attacks. To protect file transfers from these threats, secure file transfer protocols were developed. Of these protocols, two have gained widespread adoption - FTPS and SFTP.
FTPS actually gets its protection from SSL/TLS (Secure Sockets Layer/Transport Layer Security), while SFTP gets its own from SSH (Secure Shell).
SSH uses a username/password authentication system to establish a secure connection while SSL does not really bother with it.
SSH is more about network tunneling while SSL is more about certificates
No comments:
Post a Comment