Welcome to the Secure Shell* FAQ

 

    If you have read sequentially so far through HackNet, you will have realized by now that there is no security with IP (for example, see the sections on listening over the network to ftp and telnet.) 

    One highly touted method of dealing with the security issue is to use a new shell called Secure Shell* (ssh*).  Secure Shell deals with issues ranging from IP routing to DNS spoofing to listening for passwords over the network.  Ssh encrypts the messages going over the network so that X11 sessions are even safe.  To read more about the powers of ssh overcoming security issues, go to here.  For our definition of "secure", read this.

How to Get SSH Running on Your Machine:

    To download ssh, go here.

   To install ssh2, follow this.    

Using SSH on Your Machine:

    Now that ssh2 is running (and the associated daemon), you will need to make keys for yourself.  In order to do this, go here.

    Once you have your keys made, you may now connect to other machines that have Secure Shell running.  In order to do this, you type

    ssh2 [options] [ -l <log-in name> ] <host machine>

    which takes over the old command rlogin and rsh.  

    The command

    sftp [options] <host machine>

    replaces the old command ftp with a secure version.

    Finally, the command rcp has been replaced with

    scp2 [options] <source file/directory name (incl. host)> <destination file/directory name (incl. host)>

 

Tutorials:

    Click here to see a list of excellent tutorials.

Proceed at Your Own Risk!

    Before you imagine that Secure Shell is the End-All-Be-All answer to security, read the following:

    If you are inclined to use telnet, or ftp, or any of the other aforementioned remote commands, then the Secure Shell will not encrypt your data because those commands are not routed through the Secure Shell daemon.  Only the commands listed above (ssh2, sftp, and  scp2) will encrypt the IP packets going across the network.

    For example, to see an example of someone using Secure Shell unwisely using ftp, go here.

    For an abridged list of things that Secure Shell does not protect against, go here.

 

Examples of the Security of SSH:

    Below are links to examples of ssh2 in various situations compared to the normal running of IP packets:

Normal running:    telnet    -    ftp    -    X11 session    

Using ssh2:           telnet    -    ftp    -    X11 session    

 

 

 

* NOTE:  SSH is a registered trademark and Secure Shell is a trademark of SSH Communications Security Ltd (www.ssh.fi).