What is SSH?
SSH or Secure Shell is a login method that provides encryption of the data and sent password. There are three replacement clients for use:
- ssh or slogin: replaces traditional rsh/rlogin and provides many more features.
- scp: replaces traditional rcp
- sftp: replaces ftp with a more or less similar interface It is strongly recommended that you read the manpages for ssh, scp, slogin, sftp and other ssh manpages.
SSH can also forward other insecure services over the same encrypted tunnel. For example X11, POP, IMAP, all can be tunneled over a ssh channel. See below for more details.
Download SSH Clients
- Putty is a free implementation of Telnet and SSH for Windows and Unix platforms, along with an
xterm
terminal emulator. - iTerm SSH for Mac OS X: http://sourceforge.net/project/showfiles.php?group_id=67789. Choose the latest iTerm-VERSION.dmg, which is a disk image that will contain the binary.
- Secure file transfer for Mac OS X: CyberDuck - http://cyberduck.ch/
You can also download SSH clients from the CATS website. You need a UCSC student account for access (your BSOE username and login will not work). Download from: http://www2.ucsc.edu/cats/sc/software/ssh
Whats the difference between OpenSSH and SSH?
SSH is the original now commercial version of the Secure Shell protocol developed at the University of Helsinki by Tatu Ylonen. OpenSSH was developed by a separate group as part of the OpenBSD project. There are sadly several differences which make using these products in a mixed environment difficult. Notably:
- OpenSSH's version 2.X protocol 2 does not support hostbased authentication (.shosts)
- OpenSSH uses a slightly different agent forwarding scheme, making it difficult to use ssh-agent with SSH.COM's daemon.
SSH Requires the Campus VPN
With the exception of two servers (ssh.soe.ucsc.edu and gateway.soe.ucsc.edu) off-campus SSH connections to BSOE systems are not allowed. In order to connect you will need to use the campus VPN or one of the two aforementioned servers which do allow direct SSH connections.
How do I setup login without password?
There are two primary methods, one which we support only without BSOE systems for legacy reasons, and one which we recommend converting to. Within BSOE systems, hostbased authentication is supported if you use the SSH.COM which is the supported ssh client on BSOE systems for this reason. Hostbased authentication uses a file identical in format to rlogin/rsh .rhosts. A .shosts file lists the hosts and usernames you wish to be able to ssh from without password to another system where that same .shosts file is often available over NFS. For example, the following .shosts file allows joeuser@cse.ucsc.edu to SSH from sundance.cse.ucsc.edu to any other BSOE system where that .shosts file is in ~joeuser/.shosts
sundance.cse.ucsc.edu joeuser
The other preferred method of connection without password involves the use of the ssh-agent program.
Using SFTP Clients (FileZilla)
SFTP is a file transfer protocol which operates through an SSH connection. If you need to transfer files to and from BSOE Linux servers, you can use an SFTP client to easily access your home directory, projects directories, and local server filesystems. While there are alternatives, a good cross-platform SFTP client is FileZilla.
You can connect directly to ssh.soe.ucsc.edu or gateway.soe.ucsc.edu with SFTP clients. Once connected, you can simply drag and drop files and folders to transfer them between the client and server.