Enterprise Software

Happy birthday, OpenSSH

I'm sure some of you have noticed by now that this month marks Google's 9th birthday. It's something of a landmark event for a number of reasons, not least of which is the incredible impact Google has had on the IT industry.

More relevant to security, however — and more subtle in its impact — is the fact that today marks the 8th birthday of OpenSSH. Eight years ago, Theo de Raadt made the first code commit to the OpenBSD repository for a new open source implementation of SSH client and server software.

In the years since, OpenSSH has arguably become the single most used secure remote access software on the planet, deployed across pretty much every major operating system platform you can get. You can get a look at the growth of OpenSSH usage among SSH implementations across the Internet for yourself.

Theo de Raadt's first words on the commit were "i bet a lot of people didn't know what ssh 1.2.16 had a nice license." He expressed the need for the OpenSSH implementation to be brought up to feature parity with the other major implementations of the day. Less than a decade later, OpenSSH is the yardstick against which other SSH implementations are measured.

Ports can be found on BSD UNIX systems such as FreeBSD and NetBSD as well as OpenBSD, on every Linux distribution I've ever encountered, on Microsoft Windows, on Apple Mac OS X, on prominent SysV UNIX systems such as Solaris and AIX, in rarer OSes such as Plan 9 from Bell Labs, and even now in routers, switches, and PostScript printers. Yes, printers.

SSH stands for Secure Shell and was originally developed as a replacement for RSH — which stands for Remote Shell. Back in the bad ol' days, people didn't think about things like password sniffing over the network when they developed remote access tools such as RSH, and SSH was meant to address that problem. Thanks to OpenSSH and its extremely liberal licensing, computers all over the world in every walk of life have been made more secure. It employs strong encryption to create a secure end-to-end "tunnel" through which all your data can be passed, including the initial authentication data for SSH itself.

If you're interested in securing your remote access capabilities and are using anything other than a 100 percent pure vertically integrated vendor stack, head on over to the OpenSSH project to learn more about it. It may be exactly the tool you need.

While you're at it, wish 'em happy birthday.

About

Chad Perrin is an IT consultant, developer, and freelance professional writer. He holds both Microsoft and CompTIA certifications and is a graduate of two IT industry trade schools.

Editor's Picks