News

SSH Communications Security to announce version 2.0 of the famous SSH cryptography program

SSH Communications Security Ltd., the developer of the popular SSH (Secure Shell) secure remote login program, now offers radical improvements in security for internet users. The newly announced SSH 2.0 version includes new routines, which are based on the new and innovative SSH2 protocol.

"The first version of SSH helped computer users work over networks with confidential data and made cryptography a common method for this. SSH2 now responds to the increasing cryptography demands of the users. It provides a possibility to transmit all confidential files securely, not just logins, all the way from their own personal computers", says Tatu Ylönen, the inventor of SSH, and CTO, SSH Communications Security.

The SSH2 code is totally rewritten to optimize security and speed. It is compatible with the old SSH program and new servers can serve both SSH version one and SSH2 protocols. The updated SSH 2.0 now includes new routines for the cryptography, which makes the program much faster. The new SSH2 protocol provides more security and allows future integration into public key infrastructures.

New secure FTP breaks through

As part of its advanced new features SSH 2.0 includes easy to use secure file transfer. Now users can take secure terminal sessions and also transmit files over the internet by using a protocol similar to the popular ftp (File Transfer Protocol) protocol. Secure ftp (sftp) is a part of SSH 2.0 product and supports all standard ftp functionality.

To enable the use of certificates, SSH 2.0 standards track supports Public Key Infrastructures (PKIs). SSH 2.0 works well without a certificate infrastructure for fast deployment, and support for X.509 certificates is possible for maximum security.

Aiming for standardization

The aim of the developers' group of SSH Communications Security has been to update and standardize SSH protocol. "We have participated in the protocol standardization by contributing the standard drafts describing SSH2 transport, connection and authentication protocol and general protocol architecture to the IETF", stresses Timo Rinne one of the developers of SSH2. The upcoming internet standard is called SECSH.

No unencrypted passwords in the network

TCP/IP environment has primitive security measures and everybody with a little bit of knowledge can break it. The classic way is to create a program that collects automatically all the passwords that circulate between two hosts.

SSH protocol has dramatically increased security of the network terminal sessions. It requires a minimum or no manual interaction from users and it is very easy to deploy and take into use.

SSH is especially suitable of remote administration of computing systems. The high security passwords of the system administrators and the commands given to mission critical computing resources are never transmitted in clear text, which would give an attacker the chance to attack the whole computing system of a corporation.

SSH protocol can automatically encrypt, authenticate and compress transmitted data. It provides support for secure remote logins, secure file transfer, and secure TCP/IP tunneling and X11 connection forwarding.

SSH is leading the way

SSH protocol became a de-facto standard since 1996, when Tatu Ylönen introduced it for the first time. SSH program is installed in an uncountable number of computers around the world. SSH was the first easy to use secure login program that required little knowledge in cryptography itself. Because of its ease-of-use, it wiped out many of its competitors from the market and became one of the most widely used cryptographic programs in the world.

Data Fellows, the leading security software company, markets the commercial version of SSH program under their F-Secure product line. The commercial version of SSH 2.0 is to be released soon and will include additional features such as a variety of strong ciphers. See www.datafellows.com for full details.

© 2002 SSH Communications Security Corp. All rights reserved. ssh® is a registered trademark of SSH Communications Security Corp in the United States and in certain other jurisdictions. All other names and marks are property of their respective owners.