Trying to understand the difference between SSH vs SSL?
At a very high level, SSH and SSL are both technologies to help encrypt and authenticate the data that passes between two computers (e.g. your laptop and your website’s server). Basically, they make things a lot more secure.
However, while they are similar in some ways at a high level, they serve two very different purposes, so it’s important to understand the difference between SSH vs SSL.
In general, SSL is used for encrypting data in transit between two locations, such as your web browser and the server of a site that you’re visiting. SSL is what adds the “green padlock” in web browsers and it’s also what you use if you want to securely accept credit card information (or other sensitive data) on your website.
On the other hand, SSH is used to remotely log in to another computer (e.g. a web server) and create a secure connection to issue commands (via SSH tunneling). For example, if you want to connect to your site’s server to execute commands using WP-CLI, you’ll use SSH. At Kinsta, you’ll also use SSH when you want to connect to your server via SFTP access.
In this article, we’ll introduce you to both SSH and SSL and what you can use them for. Then, we’ll go more in-depth into some of the high-level and specific technical differences between SSH vs SSL.
What Is SSH?
SSH stands for Secure Shell. SSH offers a secure way to remotely log in to another computer and issue commands, e.g. your website’s server.
Using SSH tunneling, you’ll be able to create an encrypted connection between a client (e.g. your computer) and a server (e.g. your website’s server).
To create this secure SSH tunnel, you’ll need to authenticate using either a username/password or a set of cryptographic public/private keys.
Once you’ve authenticated yourself, you’ll be able to securely access information (e.g. your site’s files and database) and issue commands to the remote server via the command line.
What Do You Use SSH For?
Perhaps a better question is “what can’t you use SSH for?”. Once you’ve connected to your server via SSH, you’re in full control. You can execute any commands that you want, as long as you understand the command line.
For example, if you’re using WordPress, you can use WP-CLI to interact with your WordPress site and plugins once you’ve connected with SSH. You can create content, apply updates, manage taxonomies, and lots more. Note – WP-CLI is installed by default on all of our WordPress hosting plans.
At Kinsta, we offer SSH access on all plans and you can also add your SSH keys via the MyKinsta dashboard. You can follow our intro guide on how to use SSH to get started.
We also have some more specific guides. For example, how to unzip a file in Terminal using SSH.
Beyond using SSH to be able to manage your server via the command line, SSH also underpins another important tool – SFTP, short for SSH File Transfer Protocol (also often called Secure File Transfer Protocol). SFTP lets you connect to your server via secure SSH tunneling and then manage files using FTP just like you normally would.
At Kinsta, we only offer SFTP access because SFTP is much more secure than regular unencrypted FTP access.
Basically, once you use SSH to connect to your server, you have a ton of flexibility because you’re able to execute your own commands as needed, which isn’t the case with SSL.
What Is SSL?
SSL stands for Secure Sockets Layer. While most people still refer to SSL, SSL is technically the older version of the more modern Transport Layer Security (TLS) protocol. However, for all practical purposes, you can think of SSL and TLS as the same thing and we’ll just refer to it as SSL.
SSL is a protocol that’s primarily designed to protect the transmission of data between two parties with encryption and authentication. Most commonly, this transmission is between someone’s web browser and the server of the website that they’re visiting.
There are a few key benefits:
- Encryption – SSL encrypts data while it’s in transit, which means that malicious actors can’t intercept that information.
- Authentication – SSL also helps authenticate that data is being sent to and received from the correct server, which is another way that it helps prevent man in the middle attacks.
- Data integrity – finally, SSL also ensures data integrity by making sure there’s no loss or alteration of data during transit.
SSL works by using certificates, which is why you’ll see phrases like “SSL certificate.”
However, while SSL does help authenticate the server, it does not require any authentication from the client (e.g. a website visitor). This is different from SSH, which does require authentication from the client.
You can learn more about SSL in our full article on how SSL works.
What Do You Use SSL For?
Once you install an SSL certificate and enable HTTPS, data that passes between your website and your visitors’ browsers will be secure.
If you have any type of website, like an ecommerce, you absolutely need to install an SSL certificate so that you can get the benefits above and build trust with your visitors and search engines like Google.
To add some confusion, you can also use SSL to securely transfer files via FTP. This is called FTPS, or File Transfer Protocol over SSL. This is distinct from SFTP, though it also serves the purpose of making FTP more secure.
At Kinsta, we only offer SFTP (SSH). We do not offer FTPS (SSL).
SSH vs SSL: High-Level Difference
At this point, you know that there are a lot of similarities between SSH vs SSL:
- Both help you create secure connections.
- Both encrypt the data that passes between two devices.
The key difference between SSH vs SSL is that SSH is used for creating a secure tunnel to another computer from which you can issue commands, transfer data, etc.
On the other end, SSL is used for securely transferring data between two parties – it does not let you issue commands as you can with SSH.
For example, let’s say you’re on your laptop. Here’s an example of when you would encounter each protocol:
- SSH – if you wanted to securely connect to your website’s server and use WP-CLI to manage your WordPress site, you would use SSH.
- SSL – if you wanted to interact with a frontend form on your website to submit data, your server would use SSL to encrypt the form data as it moves between your web browser and your server’s database.
As long as you’ve installed an SSL certificate and enabled HTTPS, everyone who visits your website will interact with your site’s server using SSL – they don’t need to authenticate themselves to access your site.
However, the only person who interacts with SSH will be you or other technical users who are supposed to have direct access to your server and can authenticate themselves with either a username/password or a cryptographic key.
More Technical SSH vs SSL Differences
There are of course lots of technical differences between SSH vs SSL. If you’re a casual user, these might not mean much to you, but these are important for technical-minded people to understand:
Used for securely and remotely connecting to another machine to issue commands.
Used for securely transmitting data between two parties – normally a visitor to your website and your website’s server.
Based on network tunnels.
Based on digital certificates (i.e. SSL certificate)
Runs on port 22
Runs on port 443
Requires the client to authenticate with a username/password or cryptographic key
Only requires authentication on the server side (the client isn’t required to authenticate)
Is a cryptographic network protocol
Is a security protocol
To recap, SSH and SSL seem similar at first glance because they both help you create secure connections. However, they serve two very different purposes.
SSL is primarily used to encrypt data that moves between your website’s visitors and your server. For example, if a visitor enters their credit card or inputs their password in a login form, SSL is what encrypts that data and protects it from man in the middle attacks.
On the other hand, SSH is used to securely log in to a remote machine so that you can issue commands, manipulate files on that machine, etc. You’ll need SSH if you want to use WP-CLI, manage your site’s files via SFTP, access your database remotely, and so forth.
The only people who can use SSH to connect to your server are people who are able to authenticate themselves with a username/password or SSH keys.
At Kinsta, we make it easy to install an SSL certificate for your WordPress site so that you and your visitors can benefit from SSL.
We also offer SSH access on all plans and install WP-CLI by default, so that you and your team can benefit from using SSH to manage your site. We also use SFTP to make sure you’re able to securely manage your site and its files via FTP.