Glossary

This glossary defines some of the terms, abbreviations, and acronyms found in this document.

asymmetric key 

The use of two different keys (public and private) to authenticate a user connection.


authentication 

The process of determining another's identity. For example, the SSH server identifies itself to a connecting client during session setup using the server host key and the public/private keypair. The SSH client uses password, publickey, or hostbased authentication to establish its identity to the server.


authentication agent 

The SSH_AGENT utility, which allows you to manage keys.


encryption 

The process of modifying the data stream such that it can only be read by the appropriate decryption technique.


data integrity 

The state that exists when data has not been changed.


decrypt 

The process of modifying encrypted data so that it can be read.


DSA 

Private digital key signature algorithm.


encrypt 

The process of modifying data so that it cannot be read except by the proper decryption function.


GSSAPI 

GSSAPI Authentication and Key Exchange for the Secure Shell Protocol (a Kerberos authentication method).


host-based authentication 

The authentication method where the client and server hosts authenticate each other.


host keys 

The public-private key pair that identifies the server host.


Kerberos

The security protocol that provides strong authentication by using secret-key cryptography.


Kerberos password authentication

The authentication method used by Kerberos-aware applications.


known hosts database 

The database that contains public keys for all client hosts that use the host-based authentication method to connect to the server.


nonrepudiation 

The function that identifies data so that a user or entity cannot deny ownership or action related to the data.


password authentication 

The authentication method in which the client transmits an encrypted password to the server.


port forwarding 

The function of encapsulating the TCP-based communication session between the SSH client and the SSH server programs. The result is a secure tunnel.


private key 

Of the key pair, the key that is known only to the user. When a message is encrypted with a public key, it can only be decrypted using the private key.


public key 

Of the key pair, the key that is distributed to other systems as part of authentication or another security procedure.


public-key cryptography 

A method of identifying hosts and users using two cryptographically generated keys: a public key and a private key.


public-private key pair 

The set of keys required to perform cryptographic security.


public-key authentication 

The authentication method that uses public-key cryptography to verify the client's identity and requires two pieces of data: your private-public key pair, and, optionally, a passphrase.


public key cryptography 

The process of using a pair of mathematically related keys to verify the identity of hosts and users.


remote command execution 

The process of establishing an interactive session on a remote system without connecting to it (also called tunneling).


remote login 

The process of logging into a system running the SSH server from another system. SSH ensures the data communicated between your client and the SSH server is secure.


RSA 

Rivest-Shamir-Adleman. A private key encryption algorithm.


Secure Shell 

The Internet standard for secure file transfers and remote login and command execution. Also known as SSH.


Secure Shell client 

See SSH client.


Secure Shell server 

See SSH server.


secure tunnel 

A communication path established for securely transmitting data using applications that are not SSH-aware.


SSH 

See Secure Shell. In the context of the TCP/IP Services for OpenVMS documentation, this is also referred to as SSH for OpenVMS.


SSH client 

Secure Shell client.


SSH server 

Secure Shell server.


stream-LF file 

File record format in which data is stored as a stream of bytes.


trusted hosts 

Hosts to which you can log in without proving your identity.


tunneling 

See Remote Command Execution.


variable-length file 

Record-oriented file structure in which the length of the record varies and is determined from an explicit field or end-of-record marker.


X11 

A protocol for displaying X terminal formatted server data on client systems.


X11 port forwarding 

An authentication method that encrypts the X protocol, which is used by X Window systems.


X Window System 

A protocol for displaying server data on a client system.