Thursday, September 12, 2013

SSH as secure telnet alternative

I still remember the first time I logged in to a remote UNIX server many years ago. It was really exciting to see the remote server's login shell displayed in the "Telnet" session on my local computer. In those days, most of the time I logged in to a remote server using telnet to check email, compile and debug computer programs, and run some commands. Nearly all activity on the Internet was conducted through remote login sessions to large servers running at my university. Network bandwidth was quite expensive then, and data speeds were slow too. Network security was not much of a concern for such a connection. Seldom did we encounter any news about people hacking into a network or server for mischievous reasons ...

When Mosaic, the first Internet browser that displays images, was invented in 1993, everything gradually changed! The Internet started to gain more and more attention from the public. The word "hacker" no longer meant an ethically good programmer but someone who breaks into computers ... Security was getting more and more attention from both enterprises and the public. It was in this situation that many new network security measures were introduced. For example, SSH (Secure Shell) was created as a secure replacement for telnet. It has all the functionality of telnet, plus security and added features. Nevertheless, it was only in 1996 that I started to use this tool (you could tell network security wasn't even in my consideration before that :)

As in the case of FTP (please refer to my June 2013 article), nothing transmitted in a telnet session is encrypted. This means your user identification and password are sent in clear text! In SSH, however, the passwords are encrypted. SSH Secure Shell uses RSA public key cryptography for connection and authentication. The encryption algorithms it supports include DES, 3DES, Blowfish and IDEA.

SSH commonly uses TCP port 22 to connect your computer to another computer on the network. In fact, SSH comprises a suite of three utilities: slogin, ssh and scp. "slogin" is used to securely log into another computer over a network, "ssh" to execute commands on a remote machine, and "scp" to move files from one machine to another. These utilities are based on the earlier UNIX utilities rlogin, rsh and rcp, which are insecure by nature. For example, when using ssh's slogin (instead of rlogin), the entire login session, including transmission of the password, is encrypted; therefore it is almost impossible for an outsider to collect passwords. This means an attacker who has managed to take over a network can only force ssh to disconnect. He or she cannot play back the traffic or hijack the connection when encryption is enabled.

There are two components in an SSH Secure Shell software package: the server and the client. Both components need to be installed and configured prior to use. The server component is not limited to a traditional UNIX or Microsoft server but may also be available in a router, firewall, or many other devices. To use SSH on Windows, you have to download an SSH client. A number of SSH clients are available on the Internet nowadays, and some are available as freeware. You may like to try out OpenSSH, PuTTY or Tera Term to experience how these tools work. If you would like to set up an SSH server too, download OpenSSH and set up "sshd" on the server side.
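
Because a telnet or SSH server can sit on routers, firewalls and other devices, a simple inventory check is to classify the first bytes each device sends after a TCP connect. The following is an added example, not part of the original post: it recognises telnet option negotiation (RFC 854) and the SSH identification string (RFC 4253), and flags servers that still offer the older SSH-1 protocol. The host names and banners are constructed, and `classify_banner` and `audit` are names chosen for this example.

```python
import re

IAC = 0xFF  # telnet "Interpret As Command" byte (RFC 854)
# RFC 4253 section 4.2: SSH-protoversion-softwareversion [SP comments] CR LF.
# Servers may send other text lines first, hence the multiline search.
SSH_ID = re.compile(
    rb"^SSH-(\d+\.\d+)-([\x21-\x2c\x2e-\x7e]+)(?: ([^\r\n]*))?\r?\n", re.M)

def classify_banner(data: bytes) -> dict:
    """Classify the first bytes a remote-login service sends on connect."""
    m = SSH_ID.search(data)
    if m:
        proto, software = m.group(1).decode(), m.group(2).decode()
        if proto == "2.0":
            verdict = "ok: SSH protocol 2 only"
        elif proto == "1.99":  # RFC 4253 section 5.1 compatibility marker
            verdict = "warn: SSH-2 server that still accepts SSH-1 clients"
        else:
            verdict = "fail: legacy SSH-1 server"
        return {"service": "ssh", "proto": proto,
                "software": software, "verdict": verdict}
    # Telnet servers open with option negotiation:
    # IAC, then WILL/WONT/DO/DONT (251-254), then an option code.
    if len(data) >= 3 and data[0] == IAC and 251 <= data[1] <= 254:
        return {"service": "telnet",
                "verdict": "fail: cleartext login, replace with SSH"}
    return {"service": "unknown", "verdict": "review: banner not recognised"}

# Constructed banners for illustration, not captured from real hosts.
SAMPLES = {
    "router-a": b"\xff\xfd\x18\xff\xfd\x20\xff\xfb\x01login: ",
    "server-b": b"SSH-2.0-ExampleSSH_1.0\r\n",
    "firewall-c": b"SSH-1.99-ExampleSSH_0.9 legacy build\r\n",
    "appliance-d": b"Welcome\r\nSSH-1.5-ExampleSSH_0.5\n",
}

def audit(samples: dict) -> dict:
    """Map each host to the verdict for its banner."""
    return {host: classify_banner(b)["verdict"] for host, b in samples.items()}

if __name__ == "__main__":
    for host, verdict in audit(SAMPLES).items():
        print(f"{host}: {verdict}")
```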
