Saturday, July 16, 2011

SSH: Secure SHell basic usage

Previous days, Unix users use telnet to access server shell accounts.  Telnet is not a secure protocol.  All Telnet traffics are sent in plain text including login user name and password.  Secure Shell (SSH) was designed as replacement for Telnet and other insecure remote shells.  All traffics are encrypted.  Nowadays, telnet is no longer used by Linux community.

SSH Server

OpenSSH is a popular SSH Server in Linux community.  This server is install and run natively in most Linux distro.  it may use directly without much configuration once install.  The default port number for SSH is 22.  You may use any SSH client to access the remote shell accounts directly.

The SSH server configuration file is located in /etc/ssh/sshd_config.  After finish changing the configuration, run

# service sshd reload

to realise the new configuration for next session.

SSH Client

Linux SSH Client

OpenSSH client is default and native Linux SSH client.  Just type:

# ssh <remote-ssh-server>

to access the remote shell account.

The SSH client use your current user name as user name to login to remote ssh server , to override user name, use “-l” parameter:

# ssh -l <user> <remote-ssh-server>

Windows SSH Client: Putty

Putty support both Telnet and SSH access.  It is a free software that run under Windows and Unix platform.

Other SSH Client

Although a common usage of SSH is accessing remote shell securely, it doesn’t limit to that.  A single SSH service may act as a gateway to access surprisingly many types of intranet traffics.  This ease the network administration to allow only SSH traffics traveling though intranet in encrypted and secured manner.  Some popular usages of SSH are listed as follow:

SSH Tunneling

SSH tunneling provide a solution to transfer sensitive and unencrypted traffic over secured channel.  It is a cheap and affordable solution than VPN.  All traffics travel through SSH tunnel was encrypted.  Some popular usage of SSH tunneling are VOIP and remote access to intranet services.

SCP

Secure Copy Protocol (SCP) provide an alternate file transfer service (FTP).  WinSCP is a nice Windows SCP software to access remote server via SSH.

Version Control: CVS and Git

Both version control software CVS and GIT allow user to synchronize local repository with remote repository via SSH.

No comments: