r4 - 02 Feb 2012 - 16:47:41 - JacobElaYou are here: TWiki >  CSDocs Web  > SshFAQs

SSH FAQ

What Is SSH?

SSH (Secure Shell) is a program to log into another computer over a network, to execute commands on a remote computer, and to move files from one computer to another, in a secure manner.

Why Use SSH?

Regular telnet connections transmit your password over the net in "plaintext" -- your password is not encrypted or protected in any way. It is possible for others to eavesdrop on the network and capture your username and password. With your username and password, they can then easily use your account, reading or changing your files, electronic mail, etc.

With SSH, your password never is transmitted without strong encryption.

Similar functionality is available with Kerberos, however it is more difficult to install and configure on private computers. Kerberos has been installed on all CSL workstations.

How Do I Use SSH On CSL Workstations?

On UNIX systems:

  • SSH has been installed on CSL Unix workstations in /s/std/bin/ssh. When you wish to connect to a remote computer that supports ssh, type ssh remote-host where remote-host is the hostname of the other computer.
On Windows 2000 systems:
  • SSH Secure Shell is installed on supported CSL Windows 2000 workstations, and is found in the Start menu under SSH. This package also provides a graphical file transfer mode.

How Do I Use SSH Off-Site?

Please see Using SSH for instructions on installing and using ssh from computers outside the CS department.

How Can I Securely Transfer Files To And From CS Department Computers?

This is handled in another HOWTO document; see How To Transfer Files From A Remote System for details on transferring files.

Why Doesn't SSH RSA Authentication Work?

RSA Authentication is method for SSH to automatically authenticate the client, without the user typing a password.

RSA authentication does not work out of the box with CSL computers because it is necessary to authenticate to the AFS filesystem. The login process handles AFS authentication, using the password you provide. Without a password, it is not possible to authenticate to AFS.

Some users have reported degrees of luck getting around this using the instructions found at http://openafs-wiki.stanford.edu/AFSLore/SSHKeyAuthentication/, but the CSL has not verified this and doesn't officially support it.

See Also:

Edit | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r4 < r3 < r2 < r1 | More topic actions
 
CSL Home
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback