Sidebar image

Why do I need to use a secure shell?

(... or why can't I use telnet and ftp on department servers)

Every time you telnet or ftp into a server like our webserver, you send your login name and password "in the clear", that is unencrypted so that an eavesdropper could intercept it, and compromise the security of our server. Secure Shell (SSH) is a means to combat this by establishing an "encrypted tunnel" through which all communications pass. OpenSSH is a free implementation of ssh2. From their site, we quote:

OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools that increasing numbers of people on the Internet are coming to rely on. Many users of telnet, rlogin, ftp, and other such programs might not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks. Additionally, OpenSSH provides a myriad of secure tunneling capabilities, as well as a variety of authentication methods.

Because telnet and ftp are inherently insecure, and secure programs are just as easy to use, you must use these programs in order to access department linux machines, including our webserver.

Information and ssh software for specific platforms is available on the previous page. For convenience we have made some of them available locally. Since the last download was September 2003, you may want to check the individual sites for updated applications.