Secure Shell

From Syscore

1 What Is SSH
- 1.1 SSH @umbc
- 1.2 Should I be using SSH?
2 Ok, I'm sold -- what do I do now?

What Is SSH

[From the SSH FAQ]

Secure Shell (SSH) is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another. It provides strong authentication and secure communications over unsecure channels. It is intended as a replacement for rlogin, rsh, and rcp.

Additionally, SSH provides secure X connections and secure forwarding of arbitrary TCP connections. You can also use SSH as a tool for things like rsync and secure network backups.

The traditional BSD 'r' - commmands (rsh, rlogin, rcp) are vulnerable to different kinds of attacks. Somebody who has root access to machines on the network, or physical access to the wire, can gain unauthorized access to systems in a variety of ways. It is also possible for such a person to log all the traffic to and from your system, including passwords (which ssh never sends in the clear).

The X Window System also has a number of severe vulnerabilities. With ssh, you can create secure remote X sessions which are transparent to the user. As a side effect, using remote X clients with ssh is more convenient for users.

For more information about Secure Shell, please see the SSH FAQ

[edit]

SSH @umbc

All of OIT's central UNIX machines accept SSH logins, and also have installed the standard ssh client software.

[edit]

Should I be using SSH?

Yes. SSH encrypts the contents of your session, including especially your authenticator (password). Telnet does none of this, allowing unscrupulous parties who 'sniff' network traffic access to your password. Does this happen? Yes. UMBC receives complaints from several users a month who's accounts have apparently been 'hacked', usually by having their password sniffed while they are logging into UMBC from a remote site.

[edit]