In a previous class, we had the following question:

There's recently been some concern about the security of using FTP and Telnet on college servers. Experts seem to be recommending alternate protocals to reduce the risk. Does anyone have any thoughts on protecting our passwords, etc. while accessing IUPUI's servers remotely?

Here is the response:

The protocols in question are FTP and Telnet and actually we have something in place to minimize the threat. In the aftermath of the distributed denial of service attacks from february, the makers of the commercial Secure Shell (SSH) decided to allow university faculty, staff, and students to download their PC client program. Free versions of both the client and server have been available for years. We support SSH and in fact, it is all I use to remotely connect from one machine to the other.

What SSH does is provides the same sort of connectivity we have with telnet and ftp with the exception that all information transmitted across the internet is encrypted. The PC client can be downloaded from www.ssh.org. When you run the client, it will prompt you to enter the name of the machine you want to connec to, your username, and password. At this point, you will have your UNIX prompt like you would for any other telnet program. If you want to ftp to/from that system, there is an icon which will open up a file manager like program showing your files on the UNIX system. You would then drag files to and from it.

Copyright © 2000 - Indiana University Purdue University - Indianapolis