ssh-ecurity — Part 4: Look Ma', no passwords!
If you've been following along since the first installment, no doubt you've decided to give ssh a whirl. If you have, you have discovered the host key login mechanics discussed in the previous installment. The use of host key authentication is fine for most purposes; especially, when you will log into a remote system and spend much of your time at its command line. Additionally, it's also acceptable for those occasional remote command executions you may need to perform. You use the ssh, specify your remote username and the remote host, and it prompts you for your password on that remote host. If you oblige it by supplying your password to authenticate yourself, you are securely logged in. So, what then is public key authentication?ssh-ecurity — Part 3: Its keys to success.
In the prior "ssh-ecurity" blogs, I've introduced the ssh concept and command. In short, ssh provides a way of communicating between two systems in a secure fashion using encryption. Undoubtedly, you've heard the term encryption before; it's nothing new. Famous examples exist from ancient times to more modern times. An entire science of cryptography was born out of trying to decipher encoded communications intercepted during the course of World War II. Google "German Enigma" or "Japanese Purple" for some background and the history of cryptography. In general terms, encryption is a process whereby the information to be transmitted or stored/archived is converted into a secret format that connot be readily understood by someone who is not authorized to have access to that information.ssh-ecurity — Part 2: In command with ssh.
In "ssh-security — Part 1: What is ssh?", I introduced the basic ssh command as a way to log into a remote host maintaining a secure encrypted channel between the local and remote. However, ssh is so much more than just a replacement for telnet or its OpenVMS DECnet equivalent$ SET HOST
with encryption. It's chock full of features which make ssh a very powerful tool; even if you don't use it as a command line tool. These will be explored as this series progresses; however, let's first take a look at some of the ssh features from the command line for those that use the command line.
Knock, knock, knockin' on ssh-session's door...
The internet has become a war zone!As soon as a new system is connected to the internet, the nefarious types will discover it and start banging away with port scanners and password crackers hoping to find a vulnerability. Rest assured that if you are using OpenVMS with only secure login (ssh) and your accounts have strong passwords, your system is fairly safe. However, this doesn't mean that these nafarious types won't try; they will! If you are using HP TCP/IP Services for OpenVMS, these port scans and password crack attacks can yield some undesirable consequences — the creation of gazillions of TCPIP$SSH processes.
ssh-ecurity — Part 1: What is ssh?
The internet is, in my opinion, one of the greatest advancements to mankind since the transistor. The transistor revolutionized our world making communications and information more accessible. The internet is now augmenting that revolutionary access to communications and information. Today, I can travel almost anywhere in the world and there it is — the internet. It's as ubiquitous as Starbucks but a much better product. I am virtually always in touch, thanks to the internet.Sprint Sierra Wireless AC597E ExpressCard on Mac OS X 10.4.11 and Ubuntu 8.10
Back around the beginning of the new year (2009), I picked up a 17" Toshiba Satellite for a steal at a going out of business liquidation sale at a nearby Office Depot. I immediately installed Ubuntu Linux on this laptop supplanting the commercial virus (a.k.a. WEENDOZE VISTA) installed on its hard drive. My next adventure was to configure it to use my existing Sprint Curitel PC5740 PCMCIA card. However, the 17" Toshiba Satellite was equipped with an ExpressCard/54 slot. No problem, per se, as I'd purchased a PCMCIA-ExpressCard/54 adapter. The Sprint Curitel appeared as soon as I plugged it into the slot with this adapter. In a few short minutes, I was connected to the internet using the Sprint Curitel EVDO card on my new acquisition.Archive Contents
- ssh-ecurity — Part 5: The X11 Files
- ssh-ecurity — Part 4: Look Ma', no passwords!
- ssh-ecurity — Part 3: Its keys to success.
- ssh-ecurity — Part 2: In command with ssh.
- Knock, knock, knockin' on ssh-session's door...
- ssh-ecurity — Part 1: What is ssh?
- Sprint Sierra Wireless AC597E ExpressCard on Mac OS X 10.4.11 and Ubuntu 8.10
Search
Archives
- 01-Oct-2015 … 31-Oct-2015
- 01-Jun-2014 … 30-Jun-2014
- 01-May-2014 … 31-May-2014
- 01-Dec-2012 … 31-Dec-2012
- 01-Mar-2012 … 31-Mar-2012
- 01-Feb-2012 … 29-Feb-2012
- 01-Jan-2012 … 31-Jan-2012
- 01-Dec-2011 … 31-Dec-2011
- 01-Apr-2011 … 30-Apr-2011
- 01-Mar-2011 … 31-Mar-2011
- 01-Jan-2011 … 31-Jan-2011
- 01-Dec-2010 … 31-Dec-2010
- 01-Nov-2010 … 30-Nov-2010
- 01-Jun-2010 … 30-Jun-2010
- 01-Jan-2010 … 31-Jan-2010
- 01-Sep-2009 … 30-Sep-2009
- 01-Aug-2009 … 31-Aug-2009
- 01-Jul-2009 … 31-Jul-2009
- 01-Jun-2009 … 30-Jun-2009