## TL;DR

SSH (Secure Shell) is a cryptographic network protocol for secure remote login and command execution over unsecured networks, standardized as IETF RFC 4251 (2006). It replaced insecure protocols (telnet, rlogin, rsh). SSH uses public-key cryptography for authentication and symmetric encryption for session data.

## Core Explanation

SSH handshake: key exchange (Diffie-Hellman) → host authentication (server key fingerprint) → user authentication (password, public key, or keyboard-interactive) → encrypted session. SSH keys: `ssh-keygen -t ed25519` (recommended). `~/.ssh/authorized_keys` lists trusted public keys. SSH agent forwarding enables key use across jumps without copying private keys — use with caution (Agent hijacking risk).

## Further Reading

- [undefined](undefined)