ssh-ecurity — Part 5: The X11 Files

I'm a luddite and I'm an erudite command line user. Most of the time I spend on the computer is spent at the command line because I've been doing it that way for decades. I'm quite comfortable at the commmand line because of the knowledge I've gained and used almost daily for decades. My text editor of choice is EDT on OpenVMS but I do escape from time to time to TPU with EDT keypad. On linux, vi works fine for most of my needs, especially when I'm sudoing to edit system configuration files. However, there are some things which simply cannot be accomplished at the command line.


VAXman Friday 31 July 2009 at 07:29 am | | | No comments

ssh-ecurity — Part 4: Look Ma', no passwords!

If you've been following along since the first installment, no doubt you've decided to give ssh a whirl. If you have, you have discovered the host key login mechanics discussed in the previous installment. The use of host key authentication is fine for most purposes; especially, when you will log into a remote system and spend much of your time at its command line. Additionally, it's also acceptable for those occasional remote command executions you may need to perform. You use the ssh, specify your remote username and the remote host, and it prompts you for your password on that remote host. If you oblige it by supplying your password to authenticate yourself, you are securely logged in. So, what then is public key authentication?


VAXman Thursday 30 July 2009 at 05:49 am | | | Two comments

ssh-ecurity — Part 3: Its keys to success.

In the prior "ssh-ecurity" blogs, I've introduced the ssh concept and command. In short, ssh provides a way of communicating between two systems in a secure fashion using encryption. Undoubtedly, you've heard the term encryption before; it's nothing new. Famous examples exist from ancient times to more modern times. An entire science of cryptography was born out of trying to decipher encoded communications intercepted during the course of World War II. Google "German Enigma" or "Japanese Purple" for some background and the history of cryptography. In general terms, encryption is a process whereby the information to be transmitted or stored/archived is converted into a secret format that connot be readily understood by someone who is not authorized to have access to that information.


VAXman Wednesday 29 July 2009 at 10:48 am | | | No comments

ssh-ecurity — Part 2: In command with ssh.

In "ssh-security — Part 1: What is ssh?", I introduced the basic ssh command as a way to log into a remote host maintaining a secure encrypted channel between the local and remote. However, ssh is so much more than just a replacement for telnet or its OpenVMS DECnet equivalent $ SET HOST with encryption. It's chock full of features which make ssh a very powerful tool; even if you don't use it as a command line tool. These will be explored as this series progresses; however, let's first take a look at some of the ssh features from the command line for those that use the command line.


VAXman Tuesday 28 July 2009 at 5:20 pm | | | No comments

Knock, knock, knockin' on ssh-session's door...

The internet has become a war zone!

As soon as a new system is connected to the internet, the nefarious types will discover it and start banging away with port scanners and password crackers hoping to find a vulnerability. Rest assured that if you are using OpenVMS with only secure login (ssh) and your accounts have strong passwords, your system is fairly safe. However, this doesn't mean that these nafarious types won't try; they will! If you are using HP TCP/IP Services for OpenVMS, these port scans and password crack attacks can yield some undesirable consequences — the creation of gazillions of TCPIP$SSH processes.


VAXman Monday 27 July 2009 at 1:04 pm | | | No comments

ssh-ecurity — Part 1: What is ssh?

The internet is, in my opinion, one of the greatest advancements to mankind since the transistor. The transistor revolutionized our world making communications and information more accessible. The internet is now augmenting that revolutionary access to communications and information. Today, I can travel almost anywhere in the world and there it is — the internet. It's as ubiquitous as Starbucks but a much better product. I am virtually always in touch, thanks to the internet.


VAXman Sunday 26 July 2009 at 7:29 pm | | | No comments

Sprint Sierra Wireless AC597E ExpressCard on Mac OS X 10.4.11 and Ubuntu 8.10

Back around the beginning of the new year (2009), I picked up a 17" Toshiba Satellite for a steal at a going out of business liquidation sale at a nearby Office Depot. I immediately installed Ubuntu Linux on this laptop supplanting the commercial virus (a.k.a. WEENDOZE VISTA) installed on its hard drive. My next adventure was to configure it to use my existing Sprint Curitel PC5740 PCMCIA card. However, the 17" Toshiba Satellite was equipped with an ExpressCard/54 slot. No problem, per se, as I'd purchased a PCMCIA-ExpressCard/54 adapter. The Sprint Curitel appeared as soon as I plugged it into the slot with this adapter. In a few short minutes, I was connected to the internet using the Sprint Curitel EVDO card on my new acquisition.


VAXman Thursday 23 July 2009 at 2:52 pm | | | No comments