secure shell for computer science nick czebiniak sung-ho maeung
TRANSCRIPT
Secure Shell for Computer Science
Nick CzebiniakSung-Ho Maeung
What is SSH?
• SSH (Secure Shell) is a full replacement for rsh, rlogin, rcp, telnet, rexec, rcp and ftp
• Automatic authentication of users, no passwords are sent in clear text
• Secure remote login, file copying, and tunneling X11 and TCP connections( POP, IMAP, SMTP, HTTP )
When will I need SSH in CS?
• By June 18st 2001, telnet service will no longer be available on CS machines.
• Used to telnet into CS server from outside– Need SSH as a replacement for telnet, rlogin,
rsh
What SSH clients are available for PCs, Macs, and Linux ?
• SecureCRT: http://www.vandyke.co– 32bit version for Win98/98/2000/NT
• F-Secure: http://f-secure.com– Windows and Mac versions
• SSH Secure Shell: http://www.ssh.com– Excellent free SSH client for Windows and Linux
• TeraTerm Pro: http://www.zip.com.au/~roca/ttssh.html– A free SSH Client for Windows
• Mindterm: http://www.mindbright.se/mindterm/– A java based client for Windows and Mac
Secure Shell
How to connect?
• Hostname: tin.cs.rit.edu
• Username: abc1234
• Port Number: 22
Keys
SSH tunneling and Port Forwarding• Port forwarding• How to set up
– Depend on the SSH client you use.• ( SecureShell ) – www.ssh.com
– “listen port” – client port number• Ex) localhost:port#
– “destination host” – server address• tin.cs.rit.edu
– “destination port “ – server port number– “outgoing” and “incoming” tunnels
• need “outgoing” tunnels
Tunneling and Port Forwarding
Secure Shell
SSH on CS machines
• Located in .ssh2 directory
• Inside this directory– ssh-keygen2– Passphrase: ********– Again: *******– Public key saved– Private key saved
SSH on CS Machines
• Once setup, need to create identification and authorization files for ssh2– touch identification– touch authorization
• Edit these 2 files– Enter a private key in the identification file– Enter a public key in the authorization file
Conclusion
• Secure your data over the Internet.
• Secure your program over ftp.
• Use SSH service as soon as possible