[ Thanks to Randy
Cosby for this link. ]
“…telnet is a relatively insecure way of working over the
Internet. A telnet connection is typically unencrypted, and offers
experienced hackers – or bored twelve-year-olds – a number of
opportunities to tap into your connection and siphon off
information from the data stream flowing back and forth. What is
needed is a more secure communication protocol, one which is immune
to IP-based attacks, and which uses hard-to-crack cryptographic
techniques to protect the data it carries.”
“Like telnet, SSH is a program designed to let you log in to
other computers on a network. However, unlike telnet, all the data
flowing back and forth in an SSH session is encrypted, and thus
secured from hackers attempting to eavesdrop on the
connection. Passwords, for example, are sent over a telnet
connection in clear-text, and are vulnerable to interception –
however, SSH always encrypts data transmissions and thus secures
sensitive information from falling into the hands of others.”
“SSH also offers numerous improvements to the other remote login
programs – rlogin, rsh and rcp. Where rlogin and rsh depend on a
flat file to establish whether or not to allow remote hosts and
users access, SSH relies on public/private key authentication to
avoid the use of IP-spoofing or DNS-based attacks.”
“Finally, SSH allows X11 forwarding, allowing the encryption of
all X11 data, and TCP port forwarding, which makes it possible to
communicate with other ports on the remote system [and systems that
may be further connected to it] via the secure SSH channel, as
well.”