Using key-based authentication over SSH
SSH, or secure shell, is a protocol by which users can remotely log in, administer, or transfer files between computers using an encrypted transport mechanism. Running over every major operating system, SSH provides a more secure connection method than traditional telnet or the much-maligned "r commands" (rlogin, rcp, rsh). SSH includes provisions for key-based authentication that doesn't require a password, which opens the door for some innovative remote access applications.
SSH works on a client/server model. A user runs SSH client software to connect to a server running SSH software that listens on a TCP port. Like telnet, SSH gives users a command-shell type interface into the computer. Unlike telnet, SSH encrypts the login credentials and all of the data flying over the wire. SSH and its related protocols, such as Secure Copy Protocol (SCP) and Secure File Transfer Protocol (SFTP), offer more secure alternatives to their unencrypted brethren.
By Steve Suehring at NewsForge.
[ Read more ]
- Review: Implementing SSH: Strategies for Optimizing the Secure Shell (16 January 2004)
- Review: Secure Shell in the Enterprise (20 August 2003)
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.