Home | Articles | About | Contact | Forum |
Thursday, November 21, 2024



Lunarpages.com Web Hosting

Mailing List

E-mail:
By Joining the mailing list you will be notified of site updates.


Show Your Support For
This Site By Donating:











Audience: Newbies - Self Learners
Last Updated: 2/3/2007 2:33:40 PM
Original Creation Date: 5/17/04 8:13 PM
**All times are EST**

SSH - Secure Shell

By Erik Rodriguez

This article describes the SSH protocol, how it is used, and how it should be configured.


SSH stands for Secure Shell, or Secure Socket Shell. Basically, SSH is a "better" telnet. It is different in some ways, but it is used for the same purpose. SSH is based on UNIX systems and based on the UNIX utilities: rlogin, RSP, and RCP. SSH is secure. Telnet is not! This is the reason most network/system administrators use SSH instead telnet. SSH uses a few different things that make it distinct from telnet. By default, SSH runs on port 22 (not 23 like telnet). Secondly, every server that runs SSH has its own RSA public key cryptography for connections and authentication. Encryption schemes that are used include: Blowfish, DES, and IDEA. SSH is effective in preventing networking sniffing, man-in-the-middle attacks, and various types of spoofing.

In many cases, SSH is used to connect to a shell account on a Unix/Linux server. *nix experts usually prefer shells over KDE or Gnome. If you are using Windows, SSH must be used via 3rd party software. I recommend a few different software packages if you want to use SSH.

If you want to use a Windows Server, install Remotely Anywhere. It is an excellent management tool, and it installs SSH on your server. Its only downfall is the price. As far as client software goes, you can download several great clients that are shareware. I recommend SecureCRT and SSH Secure Shell. If you want a free one, Putty (click here to download) works well, and it is small enough to fit on a floppy.

The image below is a screen shot of an SSH session with a Red Hat Linux server.



Open Port

Remember that having SSH open leaves a port open for possible compromise. Make sure you disable root login remotely, or use a strong password! Once a server is root compromised, a rootkit is often installed. If you are able to detect the rootkit, they are very hard, and somtimes impossible to remove. Don't be lazy...

HOWTO - Edit files with vi
HOWTO - Adding Users to Groups
HOWTO - Using Sudo for Root Privileges
HOWTO - Viewing Uptime in Linux
HOWTO - View Running Tasks in Linux
HOWTO - Disable SSHv1





TCP vs. UDP
Juniper SRX anti-spam filtering config
Windows Server 2008 Clustering Configuration
Windows 2008 R2 Network Load Balancing (NLB)
Extreme Networks: Downloading new software image
Juniper SRX save config to USB drive
Juniper SRX logout sessions
Extreme Networks Syslog Configuration
Command line drive mapping
Neoscale vs. Decru
Data Security vs. Data Protection
Juniper SRX Cluster Configuration
HOWTO - Create VLAN on Extreme Switch
Using a Non-local Colocation Facility
Linux Server Administration
IT Chop Shops
Flow Viewers: SFLOW, NetFLOW, and JFLOW
Exchange 2007 Back Pressure
IPtables open port for specific IP
Politics in IT Departments
HOWTO - Block Dropbox
Cisco IOS Cheat Sheet
Subnet Cheat Sheet
Design a DMZ Network
How DNS works
Firewall Configuration
Juniper SSG Firewalls
Server Management
Configuring VLANs
Runlevels in Linux
Server Clustering
SONET Networks
The Red Hat Network
Server Colocation
Complicated Linux Servers
Dark Fiber
Data Center Network Design
Firewall Types
Colocation Bandwidth






Copyright © 2002-2016 Skullbox.Net All Rights Reserved.
A division of Orlando Tech Works, LLC
By using this site you agree to its Terms and Conditions.
Contact Erik Rodriguez