Linux Today: Linux News On Internet Time.

SSH Communications Security announces SSH 3.0

Apr 09, 2001, 18:42 (9 Talkback[s])

SSH Communications Security, a developer of Internet security technologies, today announced SSH Secure Shell 3.0, the next-generation of its leading encryption software product designed to protect end-users, businesses and developers from the most common break-in method used by hackers -- stealing passwords from the Internet.

SSH Secure Shell 3.0 will be available in June for Linux, UNIX, Sun Solaris, and Windows platforms. Exact pricing depends on customer deployment.

SSH Secure Shell 3.0's new functionality includes support for PKI (Public Key Infrastructure), smart cards and the Rijndael (proposed AES -- Advanced Encryption Standard) algorithm. The SSH Secure Shell 3.0 product provides transparent, strong security over any IP-based connection for both client and server applications by authenticating and encrypting terminal connections and file transfers over the Internet.

According to Tatu Ylonen, founder, chairman and CTO of SSH, "The integration of PKI and smart card functionality increases the security of Internet communications for both corporate and end users. Today's Web-based applications such as e-commerce and mobile computing require more than simple passwords or personal ID numbers to ensure that Internet transactions remain confidential. SSH Secure Shell 3.0 uses the latest authentication standards to expand the security that users need to secure all remote log-ins, while still delivering the ease-of-deployment and ease-of-use features that SSH Secure Shell has become known for."

SSH Secure Shell 3.0 new features include:

  • PKI Support -- With support for X.509 digital certificates, SSH Secure Shell 3.0 easily integrates into a PKI environment, enhancing the security in the login and authentication processes.
  • Smart Card Support -- Smart cards are becoming increasingly popular as a token for safe storage of users' credentials. Through a PKCS#15 interface, SSH Secure Shell supports a variety of smart cards that comply with this standard.
  • Rijndael (proposed AES) Support -- SSH Secure Shell 3.0 supports this newly proposed encryption algorithm, originally designed to protect sensitive government information but now widely accepted as the next-generation standard for corporate and private use. Once approved, AES will replace the aging DES (Data Encryption Standard) and offer higher levels of performance, efficiency, ease of implementation, and flexibility.
  • PAM (Pluggable Authentication Modules) -- SSH Secure Shell 3.0 adds Windows support for PAM, the de facto standard for single sign-on authentication services previously available only for Linux and Solaris platforms. PAM allows system administrators to maintain a flexible security policy management.
  • Kerberos 5 Enhancement -- SSH Secure Shell adds flexibility for system administrators by expanding the options for user authentication on Unix-based client/server systems with support for Kerberos. Kerberos is a popular network authentication protocol developed by MIT.

About SSH Secure Shell
Invented in 1995 by Tatu Ylonen, Secure Shell is a program to log into another computer over the Internet. Secure Shell secures the connection over the Internet by encrypting passwords and other data. Once launched, it transparently provides strong authentication and secure communications over insecure networks. Benefits of the Secure Shell technology include ease-of-use, strong security and flexibility. With several million users in over 80 countries, it is the de-facto standard for remote logins, and increasingly many organizations are completely prohibiting any other form of access to their networks from the public Internet.

Secure Shell protects terminal connections, file transfers, e-mail access, graphical X11 (X Window System) applications, and TCP/IP connections. Its main applications include Unix computers, system administration, Web site administration, and remote access to corporate resources over the Internet by employees or business partners. SSH Secure Shell has been adopted by major telecommunications suppliers (e.g., MCI), government agencies (e.g., NASA), universities (e.g. Harvard), networking vendors (e.g., Cisco), and numerous corporations.

Complete Story

Related Stories: