OpenSSH Secure Shell Suite

OpenSSH is the premier connectivity tool for remote login with the SSH protocol. First released in 1999 as a fork of the last free version of SSH, it encrypts all traffic including passwords to effectively eliminate eavesdropping, connection hijacking, and other attacks. The suite replaces rlogin, telnet, ftp, and rsh with secure alternatives: ssh for remote login, scp and sftp for secure file transfer, and sshd as the server daemon. The current release includes the ssh-keyscan utility for collecting public host keys, sftp-server as an SFTP protocol subsystem, and ssh-keygen for creating and managing authentication keys supporting RSA, ECDSA, Ed25519, and DSA algorithms. OpenSSH also provides key features such as port forwarding including local, remote, and dynamic SOCKS proxy forwarding, X11 forwarding for secure graphical applications, and agent forwarding for transparent key delegation. The ssh-agent program holds decrypted private keys in memory so passwords only need to be entered once per session. OpenSSH supports modern cryptographic algorithms including ChaCha20-Poly1305, AES-GCM, Curve25519 key exchange, and Ed25519 signatures, while deprecated algorithms can be selectively disabled through fine-grained configuration. The sshd_config and ssh_config files provide extensive control over authentication methods, allowed ciphers, key exchange algorithms, and access restrictions. Originally developed for OpenBSD, OpenSSH is now the default SSH implementation on virtually every Linux distribution, macOS, and countless network appliances worldwide. The project is maintained by the OpenBSD team and released under a BSD-style license. Version 10.3 was released in June 2025 with improved key management and protocol hardening.