The SSH protocol was developed to solve the issue of insecure remote logins with programs like telnet, rsh and rlogin. OpenSSH, developed by the OpenBSD team, and all other SSH implementations make use of encryption to transmit data over the internet and intranet. Sniffing passwords and sensitive data becomes much harder for parties interested in your transmissions.

SSH client

The SSH client, /usr/bin/ssh on OpenBSD systems, is used to log in on a remote host or to execute a program remotely.

Login to remote host:

    ssh -l username remote-host.example.org
    ssh username@remote-host.example.org

If your username is the same on the remote end as it is where you execute the SSH client, providing a username is not necessary.

At your first login attempt, your own SSH client asks whether you'd like to accept the public key of the remote host. Enter "yes" if you have verified the authenticity of that key. The public key of the remote host is then saved to ~/.ssh/known_hosts.

The stored key is compared with the offered public key each time you connect to this remote host again. When the offered key differs from the one previously stored, your SSH client alerts you and terminates the connection process. This prevents accidentally logging in to a host that pretends to be the host you'd like to connect to. If you see such a warning from your SSH client, verify with your sysadmin whether the new key is a valid, authentic public key of the host. There are valid reasons for hosts having a new public key.

scp: secure copy

scp is used to copy files securely to a remote host. Its syntax is not that different from cp or rcp. I think it's best to just provide some examples of its usage.

Copying files from the current host to remote host:

    scp onefile.tgz username@remote-host.example.org:adirectory
    scp *.tgz username@remote-host.example.org:/tmp/adirectory
    scp -r /tmp/backup username@remote-host.example.org:/tmp/adirectory

Copying files from remote host to this host:

    scp 'username@remote-host.example.org:myfiles/onefile.tgz' .
    scp 'username@remote-host.example.org:myfiles/*.tgz' .
    scp -r 'username@remote-host.example.org:myfiles' /tmp/backup

sftp: secure ftp

sftp is best compared to, and used as, a rather lite edition of a standard text-mode ftp client. As far as I can see it only differs from FTP in that it's using encryption to transmit data, and if I'm not mistaken, all communication between client and server goes through port 22.

SSH daemon

The SSH daemon is the program that accepts and handles the incoming SSH connections. It is run by default on OpenBSD systems and configured pretty securely. The only thing I changed was the option that allows remote logins to root, since I'm rather paranoid (:

To turn off remote root logins, edit /etc/sshd_config and change PermitRootLogin to no:

    PermitRootLogin no

sftp-server

The sftp-server is the daemon or server side of the Secure FTP protocol. To be able to use sftp to your host, edit the SSH daemon configuration file /etc/sshd_config. Search for the following line and remove the hash sign in front of it:

    Subsystem sftp /usr/libexec/sftp-server

Then restart your SSH daemon.
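
Before restarting the daemon, it helps to confirm what sshd will actually use for the two sshd_config settings described above (PermitRootLogin and the sftp Subsystem line). The script below is an added example, not part of the original page; its function names and the sample configuration are constructed for illustration, and it assumes whitespace-separated "Keyword value" lines.

```shell
#!/bin/sh
# Added example, not from the original page. Assumes whitespace-separated
# "Keyword value" lines; function names and the sample file are constructed.

# effective_value FILE KEYWORD: print the first global value, or "unset".
# sshd uses the first value it obtains for a keyword; names are case-insensitive.
effective_value() {
    awk -v key="$2" '
        BEGIN { key = tolower(key) }
        /^[ \t]*#/ || /^[ \t]*$/ { next }      # comments and blank lines
        tolower($1) == "match" { exit }         # global section ends here
        tolower($1) == key {
            $1 = ""; sub(/^[ \t]+/, ""); print; found = 1; exit
        }
        END { if (!found) print "unset" }
    ' "$1"
}

# sftp_subsystem FILE: print the sftp server path, or "disabled".
sftp_subsystem() {
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "subsystem" && $2 == "sftp" { print $3; found = 1; exit }
        END { if (!found) print "disabled" }
    ' "$1"
}

# audit_sshd_config FILE: report both settings; non-zero unless root login is "no".
audit_sshd_config() {
    root=$(effective_value "$1" PermitRootLogin)
    echo "PermitRootLogin: $root"
    echo "sftp subsystem:  $(sftp_subsystem "$1")"
    [ "$root" = "no" ] && return 0
    echo "WARN: remote root login is not explicitly disabled"
    return 1
}

# Constructed sample: the "no" appended at the end never takes effect.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#PermitRootLogin no
PermitRootLogin yes
Subsystem sftp /usr/libexec/sftp-server
permitrootlogin no
EOF
audit_sshd_config "$sample" || echo "findings reported for the constructed sample"
rm -f "$sample"
```

On a real host, call audit_sshd_config with the path of the configuration file you edited; a commented-out line or a later duplicate of PermitRootLogin does not change what the daemon uses.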
Copyright © 2000,2001,2002,2003,2004,2005,2006 PureBSD.com. All rights reserved.