SSH Overview
SSH is a widely-used suite of remote access programs which provides
authentication (to protect your password) and encryption (to protect
your data). It does not generally use Kerberos, although more recent
versions include this as an option. For general information on SSH,
including mailing lists and FAQs, see the SSH Users Group and
SSH Home Page.
A free Unix version of SSH is available for most platforms from http://www.ssh.org/.
Mac and PC versions are available from various sources including the
following. Please note
that the Computing Helpdesk is not equipped to offer help with
SSH on the level provided for IS
supported software.
Generally, ssh involves users generating public/private key pairs and
using them to authenticate, but the default behavior on Athena is to
use either Kerberos authentication (with forwardable tickets), or
simple password authentication. The reason for this is that
you need to get Kerberos tickets to be able to do things like read
your files and incorporate your mail, and you can't get tickets on the
remote machine without either forwarding them from the machine you're
already logged in to, or typing your password.
If you have forwardable Kerberos tickets on your machine (the default
in Athena 8.2 and later), then ssh will use them to authenticate you
and log you in. If you don't, it will fall back to password
authentication (ssh always encrypts your connection, including any
password you type).
ssh is a secure remote login program, which can be used
in place of regular telnet, or on systems where kerberized telnet is not readily
available.
Example of how to use ssh to login remotely to/from
Athena
You can run X windows applications
remotely from ssh to secure the X connection.
scp is a secure alternative to the regular UNIX rcp
command for copying files between hosts (scp uses ssh for authentication
and data encryption). You can use it between any UNIX host with SSH
installed and the Athena dialups (or a private workstation with
remote-access enabled).
Example
of how to use scp to transfer files to/from Athena.
Most of the SSH clients currently available for Mac and PC do not
include an scp feature, but some provide other means for making secure
file transfers:
SecureCRT is a terminal emulation program which includes ssh and has
zmodem file transfer capabilities. The MIT Media Lab has extended its
license of this program client to make it available to the MIT
community. MIT's SecureCRT download
site includes a README file which explains how to enter the MIT
license data. Once you have downloaded the program and entered the
necessary license information, you'll need to set up a session profile
specifying ssh as the protocol:
- The Connect window may open automaticaly;
otherwise, go to the File menu and select
Connect.
- Under the Session List tab, select
New.
- Under the Session tab, set the
Protocol to ssh, and
enter either the hostname for a private workstation or
athena.dialup.mit.edu. The other default settings
should be correct.
related ACS notes: Remote Access Overview |
Remote Login Guide | File Transfer Guide
| Academic Computing | Contact us
Last modified: Thu Jul 8 16:59:33 1999