
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
118
|
Chapter 4: Secure Remote Administration
graphical user interfaces and educational help screens. “Hiding in plain sight” is no
longer an option.
None of this should be mistaken for nostalgia. Although in olden times, networking
may have involved fewer and less frightening security ramifications, there were far
fewer interesting things you could do on those early networks. With increased flexi-
bility and power comes complexity; with complexity comes increased opportunity
for mischief.
The point is that cleartext username/password authentication is obsolete. (So is
cleartext transmission of any but the most trivial data, and, believe me, very little in
an administrative session isn’t fascinating to prospective system crackers.) It’s sim-
ply become too easy to intercept and view network packets.
But if telnet, rlogin, rsh,andrcp are out, what should one use? There is a convenient
yet secure way to administer Unix systems from afar: it’s called the Secure Shell.
Secure Shell Background and Basic Use
A few years ago, Finnish programmer Tatu Ylönen created a terrifically useful appli-
cation called the Secure Shell, or SSH. SSH is a suite of tools that roughly corre-
sponds to Sun’s rsh, rcp,andrlogin commands, but with one very important
difference: paranoia. SSH lets you do everything ...