
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
Chapter 4: Secure Remote Administration
I keep saying ssh is more secure than Telnet, but how? Nothing after the ssh login
seems different from Telnet. You may be asked whether to accept the remote server’s
public key, it may in general take a little longer for the session to get started, and
depending on network conditions, server load, etc., the session may seem slightly
slower than Telnet; but for the most part, you won’t notice much difference.
But remember that before ssh even prompts you for a password or passphrase, it has
already transparently negotiated an encrypted session with the remote server. When
I do type my username and password, it will be sent over the network through this
encrypted session, not in cleartext as with Telnet. Furthermore, all subsequent
shell-session data will be encrypted as well. I can do whatever I need to do,
including su -, without worrying about eavesdroppers. And all it costs me is a
little bit of latency!
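The following is an added example, not code from the book: it parses one direction of an SSH-2 byte stream the way a passive observer would (packet framing and message numbers per RFC 4253 and RFC 4252) and lists what is readable before encryption starts. The sample stream, its version string and the simplified message bodies are constructed for illustration.

```python
import struct

# Message numbers from RFC 4253 (transport) and RFC 4252 (user authentication).
NAMES = {20: "KEXINIT", 21: "NEWKEYS", 30: "KEXDH_INIT",
         31: "KEXDH_REPLY", 50: "USERAUTH_REQUEST"}

def frame(msg_type, body=b"", block=8):
    """Build one unencrypted SSH binary packet (RFC 4253, section 6)."""
    payload = bytes([msg_type]) + body
    pad = block - (5 + len(payload)) % block   # total must be a multiple of block
    if pad < 4:                                # at least 4 bytes of padding
        pad += block
    return struct.pack(">IB", 1 + len(payload) + pad, pad) + payload + bytes(pad)

def cleartext_messages(stream):
    """Return (banner, names of readable messages, count of opaque bytes).

    Assumes the stream starts with the version line. Parsing stops at
    NEWKEYS, because every later packet is encrypted with the new keys.
    """
    banner, sep, rest = stream.partition(b"\r\n")
    if not sep or not banner.startswith(b"SSH-"):
        raise ValueError("stream does not start with an SSH version line")
    seen = []
    while len(rest) >= 6:
        length, pad = struct.unpack(">IB", rest[:5])
        if length < pad + 2 or 4 + length > len(rest):
            raise ValueError("malformed or truncated cleartext packet")
        msg = rest[5]
        seen.append(NAMES.get(msg, "type %d" % msg))
        rest = rest[4 + length:]
        if msg == 21:                          # NEWKEYS: encryption begins
            break
    return banner.decode("ascii"), seen, len(rest)

# Constructed client-to-server sample. The 64 trailing bytes stand in for the
# encrypted packets that would carry the username and password.
SAMPLE = (b"SSH-2.0-ExampleClient_1.0\r\n"
          + frame(20, bytes(16))               # KEXINIT: cookie only (simplified)
          + frame(30, bytes(32))               # key-exchange value (placeholder)
          + frame(21)                          # NEWKEYS
          + bytes(range(64)))                  # ciphertext stand-in

if __name__ == "__main__":
    banner, seen, opaque = cleartext_messages(SAMPLE)
    print(banner, seen, "then", opaque, "opaque bytes")
```

USERAUTH_REQUEST never appears in the readable list: the login exchange exists only inside the opaque bytes that follow NEWKEYS.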

Using sftp and scp for Encrypted File Transfers

With Version 2.0 of SSH, Tatu Ylönen introduced a new feature: sftp. Server-side
support for sftp is built into sshd. In other words, it’s hardcoded to invoke the sftp-
server process when needed; it isn’t necessary for you to configure anything or add
any startup scripts. You don’t even