Privacy and Security
Notice
Helpdesk | Services | Scientific Computing |
Networks | Telecommunications
| CAD/CAE | Policies
JLab SSH Documentation Home
JLab SSH Documentation
What is SSH?
SSH is a secure remote login and file copy utility. You use SSH to
log in to remote hosts, it will automatically encrypt your entire
session and protect it from eavesdroppers. This helps prevent your
password from being stolen and your account from being compromised.
SSH can also encrypt your X Window session, allowing you to securely
run GUI programs on remote computers.
Who should use SSH?
Everybody, on site, or not. Unfortunately, not all parts of the world
currently have access to the SSH software. If you do, you should
definitely use it anytime you log into any networked machine, whether
it is on site or not. This includes file transfers, too. The bottom
line is: do not use telnet, rlogin, rsh or ftp.
There are several benefits to using ssh:
- Automatic authentication of users, no passwords sent in clear
text
to prevent the stealing of passwords
- Multiple strong authentication methods that prevent such security
threats as spoofing identity
- Encryption and compression of data for security and speed (such
as
X traffic)
- Secure file transfer
- Tunneling and encryption of arbitrary connections. This feature
allows you to display many X windows applications running on remote
hosts on your local display.
SSH can authenticate your username (i.e. login you in) in two different
ways.
- Password authentication: Using this mode, ssh is almost
identical to the programs telnet or rsh. When you make a connection,
you are asked for your password. You type it in and you are either
logged in or denied. You password is first encrypted and then sent
over the network and then decrypted at the remote host. This is the
mode that most users will be encouraged to use, as it requires no
additional setup or configuration.
- DSA Authentication: With this mode, you develop a
public/private key pair. You then place your public key on a remote
host that you wish to connect to. This is very similar to using the
.rhosts file to make connections via rlogin. You may also chose to use
a passphrase with your public key. This will make the connection
require that the passphrase be typed in before the connection is
established. But this is optional, therefore you could chose to not
have a passphrase and then the connections will proceed immediately,
just as rlogins do.
What documentation is available for SSH?
All Platforms
| SSH
Upgrade FAQ
|
See how our convesion to SSH version 2 clients will affect
you.
|
Unix
| SSH
Introduction
|
A good introduction to SSH which explains many of its
features and
gives examples of how to use them. Start here if you're new to SSH.
|
| How to use
the SSH agent for Linux
|
You can configure SSH to log you in to a remote system
without
asking for a password. This document shows you how.
|
| SSHv2 Training |
PowerPoint/OpenOffice.org Presentation on using SSH, including configuring keys and taking advantage of the SSH Agent |
Windows
This document is maintained by
{helpdesk@jlab.org}
Copyright Jefferson Lab 2007
