Reprinted link https://blog.csdn.net/baidu_39486224/article/details/81295701
SSL (Secure Sockets Layer (SSL) and Transport Layer Security (TLS)) is designed to strengthen the secure transmission of Web (HTTP / HTTPS /) protocol (in fact there SMTP / NNTP, etc.), SSH (Secure Shell) more were designed to strengthen the Telnet / FTP secure transmission protocol, by default, it uses port 22 .HTTP layer: translating user requirements into HTTP requests,
SSL layers: a lower layer protocol by means of a channel negotiate a secure encryption key, and use this key to encrypt HTTP requests.
TCP layer: establishing web server connected to the port 443, the data transfer SSL processing. This process is opposite to the receiving end. SSL based on an encrypted TCP channel, through this layer data is encrypted, thus achieving the effect of confidentiality. The following summarizes the work of the SSL protocol. Several clients to send and receive handshake:
ClientHello * Send a message stating that the list of cryptographic algorithms it supports, compression methods and the highest protocol version, a random number will be sent later to be used. * ServerHello then receive a message containing the connection parameters selected by the server, from the initial client terminal is provided ClientHello. * When the two sides know the connection parameters, the client and server exchange certificates (relying on public-key system is selected). These certificates are usually based on X.509, but the draft has been supported by the OpenPGP based certificates. * Server requests the client public key. The client has a certificate that is two-way authentication, public key is randomly generated when no certificate. * The client and server negotiate a common main private public key secret (random sides negotiated), which is achieved by pseudo-random number function meticulously careful design. Results using the Diffie-Hellman exchange may be, simplified or public key encryption, each party with its private key to decrypt. All other key data are encrypted using the "master key." ssh is encrypted, SSL-based.
telnet codes are transmitted, you need not be able to see the content decrypting data transmitted after being monitored. Telnet
Telnet telecommunications (Telecommunications) and Network (Networks) joint abbreviation, which is one of the most people on a UNIX platform, known as the network protocol.
Telnet uses port 23, which is designed specifically for LAN.
Telnet is not a secure communication protocol, because it does not use any security mechanism to transmit data in clear text across the network / Internet, including passwords, so anyone can sniff packets get this important information.
Telnet does not use any authentication policies and data encryption methods, which brought great security threat, which is why telnet no longer be used to access through the public network equipment and network servers.
On Linux systems, telnet is easy to use yum to install:
SSH
SSH Secure Shell representatives (Secure Shell), it is now the only major protocol access network equipment and servers over the Internet.
SSH runs by default on port 22; however, it is easy to change this port.
SSH protocol is a very safe, because it shares and send encrypted information to provide confidentiality and security of data through an insecure network to access the Internet.
Once the data communications using SSH encrypted, it is extremely difficult to extract and read the data, so our passwords on public networks has become very safe.
SSH also use the public key is used to authenticate user access to the server, which is a good practice to provide a high level of security for us.
6.SSH mainly used on all popular operating systems such as Unix, Solaris, Red-Hat Linux , CentOS and Ubuntu and so on.
---------------------
Author: Programmer fans of
Source: CSDN
Original: https: //blog.csdn.net/baidu_39486224/article/details/81295701
copyright Disclaimer: This article is a blogger original article, reproduced, please attach Bowen link!