Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


DevShed: The Shell Game [Using SSH To Secure Your Connections]

May 31, 2000, 16:45 (0 Talkback[s])
(Other stories by icarus)

[ Thanks to Randy Cosby for this link. ]

"...telnet is a relatively insecure way of working over the Internet. A telnet connection is typically unencrypted, and offers experienced hackers - or bored twelve-year-olds - a number of opportunities to tap into your connection and siphon off information from the data stream flowing back and forth. What is needed is a more secure communication protocol, one which is immune to IP-based attacks, and which uses hard-to-crack cryptographic techniques to protect the data it carries."

"Like telnet, SSH is a program designed to let you log in to other computers on a network. However, unlike telnet, all the data flowing back and forth in an SSH session is encrypted, and thus secured from hackers attempting to eavesdrop on the connection. Passwords, for example, are sent over a telnet connection in clear-text, and are vulnerable to interception - however, SSH always encrypts data transmissions and thus secures sensitive information from falling into the hands of others."

"SSH also offers numerous improvements to the other remote login programs - rlogin, rsh and rcp. Where rlogin and rsh depend on a flat file to establish whether or not to allow remote hosts and users access, SSH relies on public/private key authentication to avoid the use of IP-spoofing or DNS-based attacks."

"Finally, SSH allows X11 forwarding, allowing the encryption of all X11 data, and TCP port forwarding, which makes it possible to communicate with other ports on the remote system [and systems that may be further connected to it] via the secure SSH channel, as well."

Complete Story

Related Stories: