InsideIssue03 > [ français ] - [ english ] - [ español ]

Translation suggested by Lebarhon, thanks to warn me for any modification of the original (just a few words here)
To be checked


Open SSH is a set of tools allowing to secure the connections between computers.

This system works in Server/Client mode. That means it allows a connection only if a Server is launched on a machine, and agrees either the clients connections in general, or only some of them in particular. The SSH protocol allows to manage easily remote computers, in a secure way regarding to the network where the data must pass through. It is often used when a connection to the shell of a remote machine is required: the case of remote systems and servers administration. It is also more and more used for files transmission, directly by ssh2, Sftp or scp. The Secure Shell (ssh) works as properly on a recognition system with typically *nix login: with several users, each one owning a count, a /home and a password and who can be simultaneously connected; as with public and private keys system. We can also make it work with the recognition of the network cards mac addresses, but this mode is not much used. Once the tunnel put in place between the two machines, all the frames passing through the network between them will be completely encrypted. Of course, in theory, it is never impossible to break this encryption, but with ssh2, it is extremely difficult and long. That makes any try to collect sensitive informations (like passwords) a practical impossibility. The use of the encrypted frames, with regard to them, has a very little chance to be possible because of the ratio of the decryption time to the validity time of the collected data. We can say it without any chance at all to make a mistake: OPENSSH is the king of the internet network for any administrator. OPENSSH come from the OPENBSD system and the OPENSSH project leader is nobody else than Theo de Raadt himself.

Quick examples:
$ ssh username@ip-server
scp only allows to copy files, that may be particularly helpful
scp username@ip-server /mnt/crypt/carnetdadresses.txt
sftp comes from the FTP protocol, this one being here secured by SSH
It is possible to make SSH leaps, that means to connect oneself to a remote machine, then, from this first tunnel, to ask an other connection to an other machine.
It's also possible to create a SSH tunnel for the pop3 emails, thus reassuring their transfer.

OPENSSH, to configure a server under Mandriva

Main lines and basic functions of the configuration from a terminal emulator. No time to do it now :o)

OPENSSH, the encrypted frames

Main lines on the encryption. Examples of sniffed frames

OPENSSH, to be a client of a server

Konqueror on kde allows a SSH server connection in total transparency. The user asks the connection to the ip of the server and a dialog box is proposed asking name+password. Once the connection active, the user will see in his Konqueror the directories on which he is authorized to access, exactly as if they were local directories! Moreover, the drag and drop between a local directory and the Konqueror displaying the remote directories is possible! Drop a directory in the windows and it will be automatically transmitted in a secure and encrypted manner into the remote machine.

-> screenshots and explications.
Nautilus-> to be seen and completed

OPENSSH, to configure a server under Mandriva with the graphic assistant

An integrated assistant exists in Drakconf, allowing you to configure with a graphic utility, an OPENSSH server. Just being administrator, beginner or confirmed, this assistant will allow to configure very subtly the SSH server. To take advantage of this utility, install the rpm called drakwizard!

-> screenshots and explications step by step, very detailed.
There are no comments on this page.
Valid XHTML :: Valid CSS: :: Powered by WikkaWiki