Main
Family Pages
Articles and Fun
Previous Content
Using Secure Shell
Ok, so I am supposed to turn out a nice little presentation on how to effectively use secure shell under linux for the next SMLUG Meeting, and so this is my beginnings of what needs to be covered.
Why Use it?
Other than because everyone else says you should, why would you need to use secure shell?
Secure Shell is a replacement for telnet. I know, I know, it is so much more, but we'll get to all that. Telnet was a great way to connect to another machine and login to an existing shell to run commands. This was a good thing, but it had some bad security bugs to go along with it.
For example, If you were to login to another machine over telnet, you get sent the prompt:
Username:
This is where you type your username and then it asks for your password. Now telnet did not echo your password on your screen, but it made it really easy to steal your password.
The reason is simple. Imagine a telephone line. If you could add a receiver in the middle of the line, the two people on the end would not know you were there, but could hear you speak your password. This is what is called a man in the middle attack.
Secure Shell solves this problem using encryption and passkeys. The details are long and boring, but suffice it to say, unless you were the recipient of the call, you could not get the password in the clear.
How do you use it?
I could just do the standard UNIX condescending jerk and say, RTFM (local copy of SSH Man Page) . But I really think I could explain a bit.