A system administrator wants to send an email with an attachment through encrypted means. Which of the following should the sysadmin use?

Using S/MIME (Secure/Multipurpose Internet Mail Extensions) for sending an email with an attachment through encrypted means is the most suitable choice because S/MIME specifically provides a way to secure email communication. It uses public key cryptography to enable encryption of email messages, ensuring that the contents, including attachments, are only readable by the intended recipient.

When emails are sent with S/MIME, the text of the email and any included attachments are encrypted, providing confidentiality. Additionally, S/MIME includes features for digital signing, which authenticates the sender and ensures the integrity of the message, confirming that it has not been altered during transmission.

In comparison, SSH is primarily used for secure remote access and does not directly deal with email encryption. An API is a set of protocols for building and integrating software applications but does not inherently provide security features for email communications. ECDH, while a method for secure key exchange that can be part of a broader encryption strategy, does not itself facilitate the sending or securing of emails.

Thus, S/MIME is the best tool for the task of sending encrypted emails with attachments.