SSH vs SSL: What's the difference?

Apart from the one letter distinguishing SSH from SSL, what other differences are there between the two?

Overall, SSH and SSL have quite a few similarities. Both are technologies designed to authenticate connections and encrypt data between two devices or applications over an internet connection, but when you look deeper, they serve very different purposes.

While SSL is used to encrypt data being transferred between two locations, SSH is used for remotely logging into another computer or server in order to execute commands or securely transfer files. If this still sounds complicated to you, keep reading to learn more about SSL, SSH and the similarities and differences between the two.

What is SSL?

SSL stands for Secure Sockets Layer and is a communication protocol that secures and authenticates connections between two devices or applications, such as your website and a visitor’s web browser. SSL encrypts the data being transferred, which makes it harder for hackers to intercept this information.

You’ll often hear or see the term ‘SSL’ as part of the phrase ‘SSL certificate’. For example, web hosting providers can offer free SSL certificates with their web hosting or website builder plans. This means that your website has a digital certificate that authenticates its identity and enables it to establish secure connections.

You can tell if a website has an SSL certificate by looking at its URL. If it starts with just ‘http://’, there’s no SSL certificate and your connection won’t be secure. Secure websites with SSL certificates have a URL starting with ‘https://’, and you may see a padlock symbol or a dropdown menu with more information to the left of the URL.

SSL vs TLS

Confusingly, SSL is actually the term for an older protocol that has now been deprecated. The term SSL is still used because it’s more familiar, but the modern version of this technology is actually called TLS (Transport Layer Security). 

TLS and SSL are basically the same thing, but TLS is the currently used version that’s more updated and secure. So, although they’re commonly called SSL certificates or SSL/TLS certificates, these certificates also work for TLS, which is the protocol used by websites today. SSL has stuck around as the main term, so we’ll continue to refer to it this way to avoid confusion.

Both SSL and TLS work by establishing a secure connection between a website and the visitor’s web browser through a process called a ‘handshake’. During this handshake, the web browser authenticates the web server’s SSL certificate, and if the certificate is valid, the browser and server create an encrypted connection using cipher suites. SSL uses port 443 for this secure connection. Port numbers are reserved for certain protocols (like SSL), and they’re used to identify an application or service on a system so that senders and receivers of information can be identified.

What is SSL used for?

Installing an SSL certificate is essential if you want people to connect securely to your website and transfer data safely. For example, if you own an ecommerce website, you need to ensure that your customers’ payment data will be safe if they purchase from your site. Plus, if your customers see that your site has HTTPS or a padlock symbol, they will be more likely to trust it and complete a purchase.

Since 2014, HTTPS has also been one of Google’s ranking signals. This means that websites with secure connections are ranked higher in search engine results.

In addition to using SSL to secure connections, you can also use it to securely transfer files via FTP (File Transfer Protocol). This is an extension of FTP known as FTPS (File Transfer Protocol Secure), and it supports both SSL and TLS.

What is SSH?

SSH stands for Secure Shell and is a network communication protocol that allows you to remotely log into another computer and execute commands. Although it establishes a connection between two devices just like SSL, it’s different because it enables you to execute commands remotely and transfer files from one machine to another.

To form this encrypted communication tunnel between the two devices, you need to authenticate the connection with a username and password or a set of cryptographic public/private keys. Unlike with SSL, which only requires the web browser to authenticate your server’s SSL certificate, the client (e.g., your computer) will need to be authenticated too with SSH. Therefore, client authentication is required for SSH but not for SSL (which requires server-side authentication only).

This level of authentication makes SSH extremely secure, so it’s a great choice for remote access and file transfer. SSH is very flexible and can be used for many purposes, such as tunnelling, remote login and file transfer, but it can also be quite complex for new users.

What is SSH used for?

An SSH can be used for various things – such as connecting to a VPS with a Linux OS. Once the SSH connection is established on port 22 (which is the port number assigned to SSH), you can input commands via the command line for the remote device (e.g., a server) to execute. This means you can use tools like WP-CLI to manage your WordPress website, or you can manage and configure your server from any remote location. SSH also allows you to remotely access and manage your site’s database. All of this makes SSH an extremely useful tool for server and website maintenance.

Secure file transfers

Another important use for SSH is transferring files securely from one device to another. SSH is needed for SFTP, which stands for SSH File Transfer Protocol or sometimes Secure File Transfer Protocol (not to be confused with FTPS – File Transfer Protocol Secure). With SFTP, you can connect to a remote server via a secure SSH tunnel and manage your files as normal with FTP.

Similarities between SSH and SSL

Despite their differences, both SSH and SSL are fantastic technologies for creating secure connections between different devices and encrypting the data that passes between them. Here’s a quick summary of the main similarities between SSL and SSH:

  • Both use encryption to create secure connections between devices or applications. This can help prevent unauthorised access to your data.
  • SSH and SSL both use authentication to ensure that only authorised devices or users can access the connection. SSL uses digital certificates for authentication during the ‘handshake’ process, whereas SSH can use public/private keys, passwords, and two-factor authentication.
  • Both have a wide variety of uses, including secure data transfer and FTPS for SSL and remote administration and SFTP for SSH.
  • Both communication protocols use Public Key Infrastructure (PKI) to create secure, encrypted connections.

Differences between SSH and SSL

SSH and SSL do have a lot in common, but there are also plenty of differences to be aware of. Most of these differences relate to how they operate and their use cases, so let’s take a closer look below:

  • SSH works on port 22 and SSL works on port 443.
  • SSH is primarily used for executing commands on a remote server via a secure connection, whereas SSL is mainly used for creating encrypted connections to enable secure data transfer between devices or applications.
  • SSH is usually used to securely connect two computers or servers, whereas SSL is usually used for connections between a website and the visitor’s web browser.
  • SSH uses symmetric key algorithms to protect data while SSL uses both symmetric and asymmetric encryption algorithms. 
  • SSH is based on network tunnels and SSL is based on digital certificates.
  • SSH is a cryptographic network protocol and SSL is a security protocol.

Keeping your data private and secure should form a key part of your cybersecurity strategy. Check out the Fasthosts blog to learn more about server security, website security, secure file transfer and more, or get in touch with our support team for expert security advice.