78 SSH: Secure Communications

20210913 The Secure Shell (provided by the ssh package providing the ssh command) provides a secure mechanism for communicating with remote hosts on a network. Unlike traditional tools such as rsh, rcp, rlogin, telnet, and ftp, ssh encrypts all communications, including passwords, reducing the opportunity for inappropriate interception. It can also be used to encrypt your pop (email) communications and protect you from DNS and IP spoofing where remote machines pretend to be genuine machines that you are wanting to connect to. Implementations of ssh exist for most of the major operating systems.

Ubuntu provides the OpenSSH version of ssh which also installs the OpenSSH server, allowing incoming connections from ssh.

  $ wajig install ssh                   (apt-get install ssh)

Whilst passwords are supported by ssh public keys are recommended. This will reduce the opportunity for man-in-the-middle attacks. Such an attack creates a Trojan remote host that pretends to be the remote host you are attempting to connect to through ssh (using IP spoofing, DNS spoofing or routing spoofing). Such a Trojan intercepts your communications to obtain your password, and will usually then even connect through to the actual remote host so that you may not even notice the interception. See Section ?? for details of setting up public keys.

As a little history, a Finnish company developed the original ssh but copyright and patent issues lead to the development of the free OpenSSH. There were two major (and slightly incompatible) versions of ssh: 1.X and 2.X. From a 2.X client you can not connect to a 1.X server. Connecting to an OpenSSH 2.X server from any version of the client is supported though.



Your donation will support ongoing availability and give you access to the PDF version of the book. Desktop Survival Guides include Data Science, GNU/Linux, and MLHub. Books available on Amazon include Data Mining with Rattle and Essentials of Data Science. Popular open source software includes rattle, wajig, and mlhub. Hosted by Togaware, a pioneer of free and open source software since 1984. Copyright © 1995-2021 Graham.Williams@togaware.com Creative Commons Attribution-ShareAlike 4.0.