Linux Today: Linux News On Internet Time.

More on LinuxToday

Linux Journal: The 101 Uses of OpenSSH: Part I

Jan 01, 2001, 11:39 (0 Talkback[s])
(Other stories by Mick Bauer)

WEBINAR: On-demand Event

Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >

"This month we'll cover ssh's background and architecture, how to build and/or install OpenSSH, how to use ssh as an encrypted replacement for Telnet, how to set some basic ssh configuration options and how to use scp for encrypted file transfers. Next month I'll cover RSA/DSA authentication, local port-forwarding, remote-command-execution and other more advanced, and extremely powerful functions of ssh/OpenSSH."

"...a few years ago Finnish über-hacker Tatu Ylonen created a mind-blowingly cool thing called the Secure Shell, or ssh. ssh is a suite of tools that roughly correspond to Sun's rsh, rcp and rlogin commands, but with one very important difference: paranoia. ssh lets you do everything rsh, rcp and rlogin do, using your choice of libertarian-grade encryption and authentication methods. But wait--there's a catch--ssh version 1 relies heavily on RSA, an excellent, but as we say, encumbered (patented) technology that requires any application that uses it to be licensed (paid for) unless it's used in noncommercial settings (even in noncommercial use ssh's legality has always been murky, especially in the US). But wait, you say, RSA's US patents expired in September 2000--problem solved, right? Almost: Tatu's got to earn a living, so by the time RSA became less encumbered, ssh itself had become more so as his company F-Secure tightened the licensing reins. In fact, beginning with ssh version 2.0, unlicensed/free commercial use (regardless of RSA issues) was no longer permitted. All this despite Tatu's sincere desire that ssh become an Internet standard, one of the requirements of which is that at least one free implementation be available."

"Enter Theo de Raadt and the OpenBSD team. OpenBSD, of course, is the ultra-secure offshoot of NetBSD, a free version of BSD UNIX. Theo and our open-source brethren in the OpenBSD project wanted to include ssh in OpenBSD 2.6 but were wary of ssh's various encumbrances. When they learned that the Swedish programmer Bjoern Groenvall had released an improved version of ssh, 1.2.12 (the last completely free-except-for-RSA version of Ylonen's ssh), the OpenBSD guys rapidly got to work on updating and adapting it for a larger audience. OpenSSH has been part of OpenBSD ever since and is now portable to most versions of UNIX."

Complete Story

Related Stories: