Use Secure Shell (SSH)
SSH, also known as Secure Socket Shell, is a network protocol that provides administrators with a secure way to access a remote computer. SSH also refers to the suite of utilities that implement the protocol. Secure Shell provides strong authentication and secure encrypted data communications between two computers connecting over an insecure network such as the Internet. SSH is widely used by network administrators for managing systems and applications remotely, allowing them to log in to another computer over a network, execute commands and move files from one computer to another.
The main features of SSH include secure remote logins, terminal emulation, fully integrated secure file transfers, and secure tunneling of X11 traffic. Many University of Minnesota systems require secure telnet and FTP connections.
Install a SSH Client
SSH clients exist for all common architectures and operating systems. Some are free.
- OpenSSH is freely usable and re-usable by everyone under a BSD license. OpenSSH is available from http://www.openssh.org/portable.html.
- Cygwin provides a Windows port of the most current OpenSSH tools.
- PuTTY is a full-featured, SSH compliant client for Windows. You can get Putty at http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html, as well as PSCP, a tool for encrypted remote file transfer
- WinSCP is a freeware Secure Copy (SCP) protocol client for Windows, which can be used to connect to an SSH server, mainly to UNIX machines, for file transfer using the SCP service. http://winscp.net/eng/index.php
- SecureCRT software requires you to purchase a license. http://www.vandyke.com/products/securecrt/
Mac OS X
- Mac OS X comes with OpenSSH pre-installed. Open the Terminal application from inside the Utilities folder, and then type "ssh user@server_name_or_IP_address" to get started.
- Portable OpenSSH is available at http://www.openssh.com/portable.html at no charge. The portable OpenSSH follows development of the official version, but releases are not synchronized. Portable releases are marked with a 'p' (e.g. 2.3.0p1).
Protect Your SSH Client
- Set a strong password on all accounts.
- Do not allow root to log in through SSH.
- Use host based or network firewalls to limit access to specific IP addresses.
- SSH Communications Security, Inc
- For department specific implementations, type in "SSH" on the U of M search engine.