Tuesday, March 22, 2005

SSH

Although I haven't written anything here about SSH before I have written e-mail to friends about the usefulness of this great Unix command line utility. Basically SSH stands for Secure SHell. It differs from your normal shell in that it uses encryption. Now while in and of itself encrypted communications is a good thing, the thing that has made SSH so fantastic is it's ability to tunnel TCP/IP ports over the SSH connection. What does that mean? Well I have access to my work computer via Citrix. From that machine, through a cygwin initiated SSH session back to my home computer I can tunnel traffic to various services around the network. Like what you ask? How about Oracle, SQL Server, Tomcat, IMAP Mail, CVS, etc. anything with a TCP/IP port.

Now finally I'd like to point out that you can do all this with Mac OS X out of the box by simply clicking a checkbox. But you can do a few more things to make things more secure. One of those things is to use public-key based encryption which relies on not just a password but a encrypted public key as well (i.e., something you have and something you know). Checkout this series of articles for more information. They're Mac-centric but the content is fairly generic.

No comments: