The Story of How SSH Got the Port Number 22

0

The SSH (Secure Shell) protocol was developed by Tatu Ylonen in 1995, originally in response to a hacking incident in the Finnish university network. The default port number for SSH is 22 and according to Tatu Ylonen, it’s not a coincidence.

ssh big 600x373 - The Story of How SSH Got the Port Number 22

When Tatu wrote the initial version of SSH in Spring 1995 to replace both Telnet and FTP, the port 22 was free and was conveniently sitting between the number 21 used by FTP and 23 by Telnet. Because of this, he figured having the port number associated with SSH would provide the new program he wrote some credibility. But how could he get that port number? You can just claim it. You would need to go through the proper channel to allocate it.

The basic process for port allocation was fairly simple back then, all through IANA (Internet Assigned Numbers Authority). So in July 1995, right before ssh-1.0 was announced, Tatu wrote an email to IANA.

From ylo Mon Jul 10 11:45:48 +0300 1995
From: Tatu Ylonen <[email protected]>
To: Internet Assigned Numbers Authority <[email protected]>
Subject: request for port number
Organization: Helsinki University of Technology, Finland

Dear Sir,

I have written a program to securely log from one machine into another
over an insecure network.  It provides major improvements in security
and functionality over existing telnet and rlogin protocols and
implementations.  In particular, it prevents IP, DNS and routing
spoofing.  My plan is to distribute the software freely on the
Internet and to get it into as wide use as possible.

I would like to get a registered privileged port number for the
software.  The number should preferably be in the range 1-255 so that
it can be used in the WKS field in name servers.

I'll enclose the draft RFC for the protocol below.  The software has
been in local use for several months, and is ready for publication
except for the port number.  If the port number assignment can be
arranged in time, I'd like to publish the software already this week.
I am currently using port number 22 in the beta test.  It would be
great if this number could be used (it is currently shown as
Unassigned in the lists).

The service name for the software is "ssh" (for Secure Shell).

Yours sincerely,

Tatu Ylonen <[email protected]>

... followed by protocol specification for ssh-1.0

To Tatu’s surprise, Joyce, one of the Internet pioneers, replied the very next day.

Date: Mon, 10 Jul 1995 15:35:33 -0700
From: [email protected]
To: [email protected]
Subject: Re: request for port number
Cc: [email protected]

Tatu,

We have assigned port number 22 to ssh, with you as the point of
contact.

Joyce

It’s simple as that. One email exchange later, port 22 was officially associated with SSH.

Two days later on July 12, 1995, at 5:23 pm, ssh-1.0.0 was released. The announcement about SSH was sent to the [email protected] mailing list, as well as a few newsgroups, mailing lists, shortly after.

/via SSH/

LEAVE A REPLY

Please enter your comment!
Please enter your name here