温馨提示:本站仅提供公开网络链接索引服务,不存储、不篡改任何第三方内容,所有内容版权归原作者所有
AI智能索引来源:http://www.ssh.com/about/history/part-2
点击访问原文链接

SSH.COM History - Part 2

SSH.COM History - Part 2 About us Investors Partners Careers Solutions SOLUTIONS Zero Trust Suite Quantum-Safe Cryptography (QSC) SalaX Secure Collaboration Security Risk Assessment, Quantification & Mitigation By Topic Just-in-Time Access Secure vendor access Credentials & Secrets Management Hybrid & multi-cloud access management Interactive tour: Privileged Access in the Cloud M2M connections IT Audits & Compliance Secure file transfer By Industry Managed Service Providers (MSP) Operational Technology (OT) Federal Government Security Products SECURE ACCESS & SECRETS MANAGEMENT SECURE FILE TRANSFER & ENCRYPTION NQX™ quantum-ready encryption Tectia™ SSH Client/Server Tectia™ z/OS SalaX Secure Collaboration Secure Mail 2024 Secure Messaging 2024 SalaX Secure Collaboration Solutions SOLUTIONS PrivX Zero Trust Suite SalaX Secure Collaboration Strong ID-based access with Entra ID & Zero Trust Suite Quantum-Safe Cryptography (QSC) Security Risk Assessment, Quantification & Mitigation Device trust & access and identity verification Identity-based authentication & converged IAM and PAM TOPICS Just-in-Time Access Secure vendor access Credentials & Secrets Management Hybrid & Multi-Cloud Access Management Interactive tour: Privileged Access in the Cloud M2M Connections Management IT Audits & Compliance Secure File Transfer INDUSTRIES Managed Service Providers (MSP) Operational Technology (OT) Federal Government Security Healthcare Data Security OT Security IT/OT convergence of data & systems Zero Trust Access and ZSP Workflow approvals Secure remote access  Secure patch management  OT Compliance Discovery and threat intelligence Phishing-resistant MFA & device trust Products SalaX SECURE COLLABORATION Secure Mail Secure Messaging Secure Sign SalaX Secure Collaboration FQX File Encryptor SECURE ACCESS & SECRETS MANAGEMENT PrivX™ PAM PrivX™ OT Edition PrivX Key Manager SECURE FILE TRANSFER & ENCRYPTION Tectia™ SSH Server Tectia™ SSH Server for IBM z/OS PrivX Desktop NQX™ quantum-safe encryption Services SSH Risk Assessment™ Professional Services Support Contact us Customer cases PrivX Zero Trust PAM Enterprise Key Management UKM Tectia SFTP for servers & mainframes SSH Secure Collaboration Resources SSH Academy Content library Blog References Press releases Downloads Manuals Events & Webinars Media Legal Report a vulnerability Solutions SOLUTIONS PrivX Zero Trust Suite SalaX Secure Collaboration Strong ID-based access with Entra ID & Zero Trust Suite Quantum-Safe Cryptography (QSC) Security Risk Assessment, Quantification & Mitigation Device trust & access and identity verification Identity-based authentication & converged IAM and PAM TOPICS Just-in-Time Access Secure vendor access Credentials & Secrets Management Hybrid & Multi-Cloud Access Management Interactive tour: Privileged Access in the Cloud M2M Connections Management IT Audits & Compliance Secure File Transfer INDUSTRIES Managed Service Providers (MSP) Operational Technology (OT) Federal Government Security Healthcare Data Security OT Security IT/OT convergence of data & systems Zero Trust Access and ZSP Workflow approvals Secure remote access  Secure patch management  OT Compliance Discovery and threat intelligence Phishing-resistant MFA & device trust Products SalaX SECURE COLLABORATION Secure Mail Secure Messaging Secure Sign SalaX Secure Collaboration FQX File Encryptor SECURE ACCESS & SECRETS MANAGEMENT PrivX™ PAM PrivX™ OT Edition PrivX Key Manager SECURE FILE TRANSFER & ENCRYPTION Tectia™ SSH Server Tectia™ SSH Server for IBM z/OS PrivX Desktop NQX™ quantum-safe encryption Services SSH Risk Assessment™ Professional Services Support Contact us Customer cases PrivX Zero Trust PAM Enterprise Key Management UKM Tectia SFTP for servers & mainframes SSH Secure Collaboration Resources SSH Academy Content library Blog References Press releases Downloads Manuals Events & Webinars Media Legal Report a vulnerability About us Investors Partners Careers About us Strategy History People Awards Patents Analysts Press Blog SSH's history After a password-sniffing attack at his university network, Tatu Ylönen designed the first version of the Secure Shell (SSH) protocol. 28 years later, more than 95% of the servers used to power the internet have SSH installed. The internet, as we know, is primarily managed using SSH.

But how did this all happen? How did the protocol become a cornerstone of a safe internet, and what does a European Commissioner or a lego brick have to do with it?

Universal SSH Key Manager & the growth of SSH SSH made it possible to build secure channels over unsecured networks by using SSH keys. The channels themselves were safe, but a new problem emerged when managing the massive amount of SSH keys the customers had. The keys did not expire, have an identity associated with them or could be shared , which was a huge issue for companies that had tens of thousands of current and former employees. If someone outside the organization got access to a key, that access could go undetected for months, even years..

“There were several cryptographic issues I didn’t understand when I started. And those made me sleep bad at night.” There was a true need for a proper key management solution.

“We had many SSH key management projects way before the actual product launched. We have developed all our services together with our customers, thinking, what kind of solutions would serve them the most, and UKM is a great example of that” Suvi Lampila says.

Universal SSH Key Manager (UKM) was designed to keep track of SSH keys. It manages SSH key inventories and automates policy enforcement, consolidates visibility, and simplifies compliance, according to enforce policies.

“It is not uncommon to find hundreds of thousands of unnecessary SSH keys when auditing our customers’ systems. And those are all putting information security at risk.” Ylönen says.

UKM solved the issue and is widely known as the most comprehensive, least intrusive and most robust solution on the market. It quickly became the number one SSH key management solution in the world. “Never in my wildest dreams could I imagine people started using it on a scale people are using it now.”

At the same time, also the SSH protocol had spread even wider. It quickly turned out to be one of the greatest discoveries of the internet era.

Today, more than 95% of the servers used to power the internet have SSH installed. It is safe to say that SSH keeps the world running: retail, cashiers, logistics, supply chain, landholdings, health information, even banks and militaries heavily depend on SSH, and many of them are also clients of SSH. Suvi Lampila is well-aware of the responsibility that comes with clients like that:

“It can be thrilling to work in technical support. When a call comes, you know, that there have been several people before me, trying to solve the problem without success. Every second counts. There are people troubleshooting, different vendors, operating systems, no one knowing, where the problem lies.

In most cases the issue does not track down to our products, but as long as the problem is under investigation, the stress is real. And it must be if information security is at risk. At the same time, when the problem is solved, there is no better feeling – to have solved something no one else has solved before.”

Future: connections without keys or passwords Digital transformation and adoption of cloud services will keep SSH busy for years to come. Solutions for cybersecurity threats and safe but convenient remote work must be agile and easily integrated with enterprise information systems. Identity management, access management, and cloud security are something to consider in the era where concepts like Zero Trust, Zero Standing Privileges and Just-in-Time Access have emerged.

The future growth of the company will be fueled by building better, easier, and more cost-effective Zero Trust Access Management solutions. “Combining static, permanent access credentials like SSH keys and privileged, superuser passwords with dynamic and short-live services has been an issue for a time now.” 

“But what if there was no need for admins, subcontractors or developers to use passwords or SSH keys to establish a secure connection? We put a lot of effort into building a solution that is easy to use so that privileged users just SSO to our solution and automatically have access to only their available servers with the right level of privilege based on their role. That is what PrivX is all about.” Lampila says. “It also supports RDP, HTTPS, and VNC  connections and can access multiple targets in addition servers, like industrial control systems, databases and network devices”, Lampila adds.

PrivX was also designed to eliminate the need to manage, rotate or vault SSH keys or other permanent credentials when establishing secure connections in hybrid multi-cloud environments. Instead, it authenticates users with ephemeral certificates that are created on-demand and just-in-time, when the connection is made. After a short time period (typically 5 minutes), the authentication expires automatically, leaving no keys or privileged passwords behind to forget, steal, lose or misuse - or manage. 

This ensures that third parties don’t walk away with your privileged credentials or bad actors cannot find them lying around in your environment, since permanent credentials are eliminated from the equation. 

 “The cloud environment work like an automated lego brick builder: it is built by a touch of a button from only those components that are needed in the moment. This is why fast deployment and automation matter: PrivX can be deployed in days, maintenance needs are minimal, scalability is great and linking admins and developers to their target hosts is automated, even if there are changes in the cloud environment. ”

That is great news considering the wide variety of cyber threats we are facing these days. Now that the society is fully dependent on cyber security, the solutions must do their best to be ahead of the threats.

But wait, what are the biggest cyber threats, anyway?

“We are, again, at a point where some governments are trying to make encryption look like a bad idea as a whole. They argue it is because of terrorism, but in the end, it is all about cyberwarfare. And not everyone is aware of the consequences of handing all the data over to another nation.” Ylönen says. “The current atmosphere around the topic is what really concerns me.”

Sam Curry agrees: “Cyber is another form of other means, another tool to continue to get advantages from other countries into winning diplomacy in doing trade and to avoid having to resort to use of physical force. “

And then there is the organized crime. As Curry puts it: “If you're an organized criminal and you're using a gun and a mask to do a robbery you're pretty stupid.”

“The bad guys are running a race and the good guys are running a race. Whoever wins, gets a control over that environment. So, anything that slows the bad guys down or speeds up the good guys will help.”

Now, as before, SSH will be in the job of producing solutions that enable working safe in the ever-changing internet environment.

Read previous A hacking incident was the mother of invention: the backbone of secure connections was born Read next Nearly 30 years of innovation - together with our customers and partners SSH is a leading defensive cybersecurity company that secures communications between humans, systems, and networks. We specialize in Zero Trust Privileged Access Controls and Quantum Safe Network Security. Our customers include a diverse range of enterprises, from multiple Fortune 500 companies to SMBs across various sectors such as Finance, Retail, Technology, Industrial, Healthcare, and Government. 25% of Fortune 100 companies rely on SSH’s solutions. Recent strategic focus has expanded SSH business to Defence, Critical Infrastructure Operators, Manufacturing OT Security and Public Safety.

Leonardo S.p.A invests 20.0 million EUR in SSH, becoming the largest shareholder of the company. SSH solutions form a Center of Excellence for Zero Trust privileged access management and quantum-safe network encryption in Leonardo - a global industrial group that creates multi-domain technological capabilities in the Aerospace, Defence and Security sector with 17.8 billion EUR revenue in 2024. SSH company’s shares (SSH1V) are listed on Nasdaq Helsinki.

 

Solutions Zero Trust Suite Zero Trust Suite & Entra ID Integration Quantum-Safe Cryptography (QSC) SalaX Secure Collaboration Security Risk Mitigation OT security MSP Security Device Trust Monitoring & Threat Intelligence Credentials & Secrets Management IT Audits & Compliance Products PrivX™ Hybrid PAM PrivX Key Manager Tectia SSH Client/Server™ Tectia™ z/OS Secure Messaging Secure Mail Secure Sign NQX™ Quantum-Safe Services SSH Risk Assessment™ Professional Services Support Resources Careers References Downloads Manuals Events & Webinars Blog Company About us Contact Investors Partners Press Stay on top of the latest in cybersecurity Be the first to know about SSH’s new solutions, product updates, new features, and other SSH news!

Thanks for submitting the form. © Copyright SSH • 2025 • Legal

智能索引记录