Make SSH do more

by Jon Lasser
1 comment | 3I like it!
More »
on this topic
Newsletter Sign Up »
April 10, 2001, 07:15 PM —  LinuxWorld.com — 

Because Linux is a deep operating system, we often use a miniscule portion of a tool's features. I, for one, use awk primarily to isolate columns that cut can't find, though in fact awk is a full-fledged text-processing language. There's nothing wrong with that approach -- actually it's unavoidable -- but it benefits us to delve more deeply into the advantages a single program can offer.

Presumably you have already installed SSH and are using it to securely log in to remote systems. (If you aren't, please read Jay Beale's article "Stupid, Stupid Protocols: Telnet, FTP, rsh/rcp/rlogin" to see why you should -- see Resources.) However, most people simply connect via SSH, enter their passwords, and type away. They don't realize that SSH has advanced key-management features that allow them to avoid having to retype their passwords; that its port-forwarding options can secure other, normally insecure, packages; and that they can employ little tricks in SSH that would make their lives easier.

There's great confusion at present regarding SSH and the different versions of the software available. (See Resources for more information.) I recommend using the newest version of OpenSSH, 2.5.1p2. At the very least, use OpenSSH 2.3.0p1, as earlier versions had security holes. Several details that I will discuss do not apply to older versions of OpenSSH or to other implementations of the SSH protocol.

Keys to the kingdom

One major benefit of SSH, besides the obvious advantage of cryptographically secure connections, is that it allows you to log on to a server without ever having to type your password. You do have to type a password (only once -- but we'll get to that in a minute), but it doesn't have to be the password for your account on the server, and it will be the same password for every system to which you log in. That is possible through the magic of authentication via cryptographic keys.

Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world

I like it!
Comments
1 comment Add a comment

linux still free

Despite of being free Operating System, Linux failed to encourage number of IT specialist because of its not user friendly status
inbound call center
by lance (not verified) on 1/6/10 at 11:02 pm | reply
View all comments »
peer-to-peer

Brian Proffitt
Microsoft/Novell: Breaking Down the Coupon Numbers

Esther Schindler
Drupal's Dries Buytaert on Building the Next Drupal

Tom Henderson
Top Ten General Operating Systems Rants

pasmith
PS3 motion controller delayed; goes up against Project Natal

sjvn
Neolithic Windows security hole alive and well in Windows 7

claird
Perl source code comparison makes for good reading

mikelgan
Cell phones don't create stress or interrupt much

Sandra Henry-Stocker
How to: The Unix Interview

 

Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann

Join the conversation here

The Daily Tip

The Daily TipQuick, practical advice for IT pros. Made fresh daily.

Hot tips:

Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.

Newsletters

Subscribe to ITWORLD TODAY and receive the latest IT news and analysis.

I would like to receive offers via email from ITworld partners.
By clicking submit you agree to the terms and conditions outlined in ITworld's privacy policy.
view all newsletters »
Marketplace