Secure Shell secures connections over TCP/IP networks by encrypting passwords and other data. Once launched, it transparently provides strong authentication and secure communications over unsecured networks.
Secure Shell defines a packet-based protocol that runs over a reliable transport stream, usually TCP. The protocol does not run over UDP.
Secure Shell provides security at the application layer of the TCP/IP protocol stack. It is an application suite for providing secure access for diverse tasks in a flexible way, a versatile security solution that has become an essential tool in remote administration.
Secure Shell was originally developed to solve the two most acute problems in the Internet, secure remote terminal logins and secure file transfers. FTP and Telnet offer no protection for data and are easy targets for eavesdropping attacks. The primary goal of Secure Shell has been to replace these unsecured protocols with a secure one.
Secure Shell can also tunnel arbitrary TCP traffic over a single encrypted connection. Tunneling is a powerful feature that makes it possible to secure the communication of other applications and protocols without modifying the application code. By using tunnels, users can continue to use existing unsecured applications, such as e-mail and X11 applications, in a secure manner. With tunneling, Secure Shell can offer an encompassing solution for securing most of the communication tasks.