
“main” (Installation and Administration) 2004/6/25 13:29 page 652 #678
26.4 SSH — Secure Shell, the Safe Alternative
With more and more computers installed in networked environments, it
often becomes necessary to access hosts from a remote location. This
normally means that a user sends login and password strings for
authentication purposes. As long as these strings are transmitted as
plain text, they could be intercepted and misused to gain access to that
user account without the authorized user even knowing about it. Apart
from the fact that this would open all the user’s files to an attacker,
the compromised account could be used to obtain administrator or root
access or to penetrate other systems.

In the past, remote connections were established with telnet, which
offers no protection against eavesdropping, neither encryption nor any
other security mechanism. There are other unprotected communication
channels, like the traditional FTP protocol and some remote copying
programs.

The SSH suite provides the necessary protection by encrypting the
authentication strings (usually a login name and a password) and all the
other data exchanged between the hosts. With SSH, the data flow could
still be recorded by a third party, but the contents are encrypted and
cannot be converted back to plain text unless the encryption key is
known. So SSH enables secure communication over insecure networks, such
as the Internet. The SSH flavor that comes with SUSE LINUX is OpenSSH.
26.4.1 The OpenSSH Package
SUSE LINUX installs the package OpenSSH by default. The programs ssh,
scp, and sftp are then available as alternatives to telnet, rlogin, rsh, rcp,
and ftp.
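To check whether a host still offers the plaintext services that ssh, scp, and sftp replace, the listening TCP ports can be compared against the well-known ports of those services. The following is an added example, not part of the original manual; the function name find_plaintext_listeners is hypothetical, the sample lines are constructed, and the input format is assumed to be that of `ss -Htln` from iproute2.

```shell
#!/bin/sh
# Added example: flag listening TCP ports that belong to the plaintext
# services this section says ssh, scp and sftp replace.
# Input:  lines in the format printed by `ss -Htln`, read from stdin.
# Output: one "port service" line per finding; exit status 1 if any found.
# find_plaintext_listeners is a hypothetical helper name.
find_plaintext_listeners() {
    awk '
        BEGIN {
            # Well-known TCP ports from /etc/services for the legacy tools.
            svc[21]  = "ftp"
            svc[23]  = "telnet"
            svc[513] = "rlogin"
            svc[514] = "rsh/rcp"
        }
        $1 == "LISTEN" {
            # Local address is field 4; the port follows the last colon,
            # which also covers IPv6 forms such as [::]:23.
            n = split($4, part, ":")
            port = part[n]
            if ((port in svc) && !(port in seen)) {
                seen[port] = 1          # report each port only once
                print port, svc[port]
                found = 1
            }
        }
        END { exit found ? 1 : 0 }
    '
}

# Constructed sample input (not captured from a real host).
SAMPLE='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 0.0.0.0:23 0.0.0.0:*
LISTEN 0 5 [::]:23 [::]:*
LISTEN 0 32 *:21 *:*
LISTEN 0 128 127.0.0.1:631 0.0.0.0:*'

printf '%s\n' "$SAMPLE" | find_plaintext_listeners || true
# On a live system: ss -Htln | find_plaintext_listeners
```

A non-zero exit status means at least one plaintext service is still reachable and should be disabled once its users have moved to the OpenSSH equivalents.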
26.4.2 The ssh Program
Using the ssh program, it is possible to log in to remote systems and
work interactively. It replaces both telnet and rlogin. The slogin
program is just a symbolic link pointing to ssh. For example, log in to
the host sun with the command ssh sun. The host then prompts for the
password on sun.

After successful authentication, you can work on the remote command line
or use interactive applications, such as YaST. If the local user name is
different from the remote user name, you can log in using a different
login name with ssh -l augustine sun or ssh augustine@sun.