[permalink] [id link]
SSH is important in cloud computing to solve connectivity problems, avoiding the security issues of exposing a cloud-based virtual machine directly on the Internet.
from
Wikipedia
Some Related Sentences
SSH and is
The implication of this attack is that all data encrypted using current standards based security systems such as the ubiquitous SSL used to protect e-commerce and Internet banking and SSH used to protect access to sensitive computing systems is at risk.
Secure Shell ( SSH ) is a cryptographic network protocol for secure data communication, remote shell services or command execution and other secure network services between two networked computers that it connects via a secure channel over an insecure network: a server and a client ( running SSH server and SSH client programs, respectively ).
The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet.
Hence, in all versions of SSH it is important to verify unknown public keys, i. e. associate the public keys with identities, before accepting them as valid.
SSH also supports password-based authentication that is encrypted by automatically generated keys.
However this is only possible if the two sides have never authenticated before, as SSH remembers the key that the remote side once used.
SSH is typically used to log into a remote machine and execute commands, but it also supports tunneling, forwarding TCP ports and X11 connections ; it can transfer files using the associated SSH file transfer ( SFTP ) or secure copy ( SCP ) protocols.
An SSH client program is typically used for establishing connections to an SSH daemon accepting remote connections.
Notably, Windows is one of the few modern desktop / server OSs that does not include SSH by default.
It is estimated that,, there were 2 million users of SSH.
SSH is a protocol that can be used for many applications across many platforms including most Unix variants ( Linux, the BSD's including Apple's OS X, & Solaris ), as well as Microsoft Windows.
For example, using the SSH protocol to implement a VPN is possible, but presently only with the OpenSSH server and client implementation.
Authentication is client-driven: when one is prompted for a password, it may be the SSH client prompting, not the server.
The functionality of the transport layer alone is comparable to Transport Layer Security ( TLS ); the user authentication layer is highly extensible with custom authentication methods ; and the connection layer provides the ability to multiplex many secondary sessions into a single SSH connection, a feature comparable to BEEP and not available in TLS.
SSH provides much of the functionality of telnet, with the addition of strong encryption to prevent sensitive data such as passwords from being intercepted, and public key authentication, to ensure that the remote computer is actually who it claims to be.
However, most Telnet implementations do not support these extensions ; and there has been relatively little interest in implementing these as SSH is adequate for most purposes.
The most common way to encrypt X traffic is to establish a Secure Shell ( SSH ) tunnel for communication.
SSH and computing
In computing, the SSH File Transfer Protocol ( also Secret File Transfer Protocol, Secure FTP, or SFTP ) is a network protocol that provides file access, file transfer, and file management functionalities over any reliable data stream.
PuTTY is a free and open source terminal emulator application which can act as a client for the SSH, Telnet, rlogin, and raw TCP computing protocols and as a serial console client.
SSH and avoiding
As an alternative, one can tunnel VNC through SSH, avoiding the opening of additional ports and automatically traversing the NAT router.
Some " socksifiers " support SSH directly, thus avoiding the need for a SSH client.
SSH and security
The standard TCP port 22 has been assigned for contacting SSH servers ,< ref >< cite > port-numbers assignments </ cite > at iana. org </ ref > though administrators frequently change it to a non-standard port, believing it adds an additional security measure.
Because of security issues with Telnet, its use for this purpose has waned in favor of SSH.
Some other Internet security systems in widespread use, such as Secure Sockets Layer ( SSL ), Transport Layer Security ( TLS ) and Secure Shell ( SSH ), operate in the upper layers of the TCP / IP model.
However, VNC may be tunnelled over an SSH or VPN connection which would add an extra security layer with stronger encryption.
Even though the SMB protocol itself contains no encryption, the encrypted SSH channel through which it travels offers security.
Linux, UNIX and BSD support remote administration via remote login, typically via SSH ( The use of the Telnet protocol has been phased out due to security concerns ).
X-server connection forwarding, often tunnelled over SSH for security, allows GUI programs to be used remotely.
SSH and virtual
An SSH tunnel can provide a secure path over the Internet, through a firewall to a virtual machine.
SSH and machine
Example of tunneling an X11 application over SSH: the user ' josh ' has SSHed from the local machine ' foofighter ' to the remote machine ' tengwar ' to run xeyes.
* request local display / input service ( e. g., < tt > export DISPLAY =</ tt > machine < tt >: 0 </ tt > if not using SSH with X forwarding or ' tunneling ' enabled ).
Shows that on this machine only the SSH service is listening to the public network interface of the computer.
The originating machine invokes a preprocessor to handle header files, preprocessing directives ( such as ) and the source files and sends the preprocessed source to other machines over the network via TCP either unencrypted or using SSH.
To set up an SSH tunnel, one configures an SSH client to forward a specified local port to a port on the remote machine.
If users can connect to an external SSH server, they can create a SSH tunnel to forward a given port on their local machine to port 80 on a remote web-server.
Similarly, < tt > molly-guard </ tt > is a package on Debian-based Linux distributions that traps shutdown and reboot commands over SSH, and confirms the machine is the correct machine by requiring the user to type the hostname of the system before the event will proceed.
Public-key cryptography plays the central role in the idea of logging in to a server from a local machine via SSH.
SSH and on
Logging into OpenWrt via SSH using PuTTY running on Microsoft Windows | Windows.
* For development on a mobile or embedded device that supports SSH.
** GSSAPI authentication methods which provide an extensible scheme to perform SSH authentication using external mechanisms such as Kerberos 5 or NTLM, providing single sign on capability to SSH sessions.
These security-related shortcomings have seen the usage of the Telnet protocol drop rapidly, especially on the public Internet, in favor of the Secure Shell ( SSH ) protocol, first released in 1995.
In daemon mode, rsync listens on the default TCP port of 873, serving files in the native rsync protocol or via a remote shell such as RSH or SSH.
A broad array of third-party software including 3D function graphing tools, web browsers, chat, email and NNTP clients, telnet / SSH, spreadsheets, word processors, sound & graphics tools, network tools, and programming tools can be located on the internet.
Curses is designed to facilitate GUI-like functionality on a text-only device, such as a PC running in console mode, a hardware ANSI terminal, a Telnet or SSH client, or similar.
Another common way for an application on a remote system to operate through a window on a local Cygwin / X display is SSH tunneling.
An application on the local system creates an SSH session on the remote system ( perhaps the application is xterm and the user types an ' ssh ' command ).
The SSH server on the remote system sets things up so that any X client program the shell starts ( on the remote system ) uses the local Cygwin / X server.
Among notable enhancements are file transfers, support for Windows DFMirage mirror driver to detect screen updates ( saves CPU time, DFMirage isn't supported in 2. x versions, but really it dramatically increase the performance of TightVnc, at least for tightVNC V 2. 0. 4 ), ability to zoom the picture and automatic SSH tunneling on Unix.
It is based on the Secure Shell ( SSH ) protocol.
Normally, a client initiates an SSH connection to the remote host, and requests an SCP process to be started on the remote server.
Many networks which formerly relied on rlogin and telnet have replaced it with SSH and its rlogin-equivalent slogin.
As an alternative to installing an agent on hosts, Zabbix includes support for monitoring via SNMP, TCP and ICMP checks, as well as over IPMI, JMX, SSH, telnet and using custom parameters.
Midnight Commander is based on versatile text interfaces, such as Ncurses or S-Lang, which allow it to work on a regular console, inside an X Window terminal, over SSH connections, RS-232 interface ( for embedded devices ) and all kinds of remote shells.
The Washington State Legislature first established a state-maintained highway on a section of present-day SR 523 in 1937, with the establishment of ( SSH 1J ), which ran from Downtown Seattle to ( PSH 1 ) in North Seattle, via the current long section of SR 523 from I-5 to 5th Avenue Northeast.
With a port knock system in place on ports such as the SSH port, it can prevent brute force password attacks on logins.
0.279 seconds.