Secure Shell (SSH)
What is SSH?
SSH (Secure Shell) is a secure replacement for telnet, rlogin, rsh and rcp. It encrypts all traffic, and provides a high level of protection against hacker attacks. Main features of SSH include secure remote logins, terminal emulation, fully integrated secure file transfers, and secure tunneling of X11 traffic.
The University of Minnesota central servers require secure telnet and FTP connections. Some compatible client options are listed below based upon operating system. Consult with your local technical support staff.
Take additional steps to help reduce the risk of SSH password guessing compromises:
- Set a strong password on all accounts.
- Do not allow root to log in through SSH.
- Use host based or network firewalls to limit access to specific IP addresses.
It is particularly important to apply these recommendations to computers running Apple OS/X where administrator accounts are root equivalent.
SSH clients exist for all common architectures and operating systems. Some are free.
- OpenSSH is freely usable and re-usable by everyone under a BSD license. OpenSSH is available from http://www.openssh.org/portable.html.
- Cygwin provides a Windows port of the most current OpenSSH tools.
- PuTTY is a full-featured, SSH compliant client for Windows. You can get Putty at http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html, as well as PSCP, a tool for encrypted remote file transfer
- WinSCP is a freeware Secure Copy (SCP) protocol client for Windows, which can be used to connect to an SSH server, mainly to UNIX machines, for file transfer using the SCP service. http://winscp.net/eng/index.php
- SecureCRT software requires you to purchase a license. http://www.vandyke.com/products/securecrt/
Mac OS X
- Mac OS X comes with OpenSSH pre-installed. Open the Terminal application from inside the Utilities folder, and then type "ssh user@server_name_or_IP_address" to get started.
- Portable OpenSSH is available at http://www.openssh.com/portable.html at no charge. The portable OpenSSH follows development of the official version, but releases are not synchronized. Portable releases are marked with a 'p' (e.g. 2.3.0p1).