Linux/Unix Command: sshd

The SSH daemon supports secure remote sessions

Sshd—the SSH daemon—replaces rlogin and rsh, providing secure encrypted communications between two untrusted hosts over an insecure network. The programs are intended to be as easy to install and use as possible.

The sshd daemon listens for connections from clients. It is normally started at boot-up. It forks a new daemon for each incoming connection. The forked daemons handle key exchange, encryption, authentication, command execution, and data exchange. This implementation of sshd supports both SSH protocol version 1 and 2 simultaneously.

Unless you're opening your computer to external connections, you have no need to configure or run sshd. Use ssh to remotely log into servers that run sshd for you.

A woman working at a computer using software to analyze qualitative data
mihailomilovanovic / Getty Images

Command Execution and Data Forwarding

If the client successfully authenticates, a dialog for preparing the session is entered. At this time the client may request things like allocating a pseudo-tty, forwarding X11 connections, forwarding TCP/IP connections, or forwarding the authentication agent connection over the secure channel.

Finally, the client either requests a shell or execution of a command. The sides then enter session mode. In this mode, either side may send data at any time, and such data is forwarded to or from the shell or command on the server and the user terminal on the client.

When the user program terminates and all forwarded X11 and other connections are closed, the server sends a command exit status to the client and both sides exit.

Login Process

When a user successfully logs in, sshd does the following:

  • If the login is on a tty, and no command has been specified, it prints the last login time and /etc/motd.
  • If the login is on a tty, it records the login time.
  • Checks /etc/nologin if it exists, prints contents, and quits (unless root).
  • Changes to run with normal user privileges.
  • Sets up a basic environment.
  • Reads $HOME/.ssh/environment if it exists and users are allowed to change their environment.
  • Changes to the user's home directory.
  • If $HOME/.ssh/rc exists, runs it; else if /etc/ssh/sshrc exists, runs it; otherwise runs xauth.
  • Runs a user's shell or command.

Check the man pages for sshd for important information about configuring the daemon on your computer.

Was this page helpful?