Topics Map > Communication & Collaboration > Website Services
Topics Map > Infrastructure > Virtual Machines
How do I connect to Unix safely?
SSH (Secure Shell) protocol is the secure replacement of telnet.
The same privacy considerations that apply to email and files also apply to remote logins. You have every right to expect security for your interactions when you're logged in to a remote host machine:
- Authenticity - Being able to tell without a doubt what the source of the data is. Your password tells the server who you are, but that's only half of the question; the server should also assure you what it is.
- Privacy - Scrambling data so it can't be used by anyone except the person or machine that it's intended for. Privacy in remote logins means encrypting your password and, for that matter, your entire session, so only you and the server you're logged into can read it.
- Integrity - Assurance that the server is receiving everything you send it, nothing more, nothing less. And vice versa -- assurance that you're receiving the exact messages, output, and files the server sends you, nothing more, nothing less.
Yes, remote logins are vulnerable in all these areas. Say you're going from here to there. If the route from here to there goes though someone else's network, then:
- Someone on that network could eavesdrop on your transmission, looking for passwords, credit card numbers, or business secrets.
- They could use IP spoofing to redirect your communications to a fake server.
- Someone on a computer that's somewhere in the middle of your route from here to there could intercept your traffic and respond to you as if it was there and respond to there as if it was you. That's called a "man-in-the-middle" attack, and if the man in the middle is careful, you wouldn't even know it happened to you.
SSH: Strong Security for Remote Logins
SSH's provides strong security for remote logins. SSH's security is transparent because it's an application layer protocol, you use SSH software to login to a remote host instead of using telnet. It supplies two-way authentication, including the server authenticating itself to you. After exchanging keys, your entire session is encrypted, including your password and everything that you send to the host server and everything it sends to you. The best thing about SSH is that all this security stuff goes on behind the scenes.
It's no harder to switch to an SSH secure remote login application than it is to change from one vendor's telnet to another's.
This is all why the ACCC is requires SSH for remote logins to its machines and SFTP for secure file transfer.
Using SSH and SFTP
Connecting to servers such as argo and webhost at UIC require the use of either SSH or SFTP.
ACCC has made SecureCRT and SecureFX available at no cost. For instructions on how to use these clients, visit How do I use SSH and SFTP on Windows?
Mac OS X
For instructions on how to use the SSH built-in to Mac OS X and no-cost SFTP software for Mac OS X, visit How do I use SSH and SFTP on Mac OS X/macOS?
OpenSSH is almost always bundled with Linux, which contains SSH and SFTP clients.
All operating systems: For other SSH and SFTP clients (and servers)
PuTTY is a free, commonly-used SSH client for Windows and Unix that can be used as well.