SSH is used to transfer data securely. SSH is a protocol for securely exchanging data between two devices over an untrusted network. SSH protocol uses a client and a server. The SSH client initiates the secure connection, and the SSH server accepts an incoming connection.
Before you download or purchase an SSH server or client (Windows or Android), there are a few things you should always ask before trusting it with your valuable or sensitive information.
Is your SSH Server for Windows or Android SAFE for 2020?
- Are the security algorithms used current, updated and safe?
When SSH first came out, the algorithms used were state of the art. Since then, computers have modernized and hackers have gotten smarter. Many of the once-safe algorithms are now deprecated, easily hacked and unsafe to use. Old algorithms have been updated with newer, safe algorithms. This is a continual cycle. The SSH Server and Client you trust your information to must use current and safe algorithms. The company you download the software from needs to continually update the software to ensure the safest and strongest encryption available. Do not settle for anything less!
You can view this chart of current and safe SSH Server for Windows and Android algorithms. If your SSH server is unsafe in any of these categories, you will be at risk for attackers impersonating the attacked server, stealing user credentials, decryption of user data, attackers changing and injecting data, compromised data, and more.
- Does it have complete end-to-end security?
Some companies claim to have SSH, but when examined, only the server runs SSH. The devices (clients) do not run the same security level. This is where the data is most vulnerable. So when the secure server transfers data to the insecure client, the entire solution is unsecure. The SSH server AND client need SSH security. Make sure that the SSH solution you select offers end-to-end security.
- Who developed the cryptographic protocol?
Some vendors develop their own protocols. If you ever hear this, run away as fast as you can! Encryption protocols are extremely difficult to design. It is a dangerous area because there is a false sense of security. Developers think they have correctly implemented the cryptographic protocol or encryption algorithm, bur later find security risks many months after deployment. Years of testing and public scrutiny are important in testing every encryption protocol.
If the answer to any of these questions is no, you will not have a safe SSH Server. Unfortunately, you will have a false sense of security, with no real security protection.
Be confident in the security protocols that you use. Current and safe algorithms, complete end-to-end security, and time-tested and proven cryptographic protocol algorithms are imperative to a safe data transfer environment.