|
SSH gives the users the capability to perform tasks between
two hosts (logging into a remote machine and executing
commands in a remote machine) without the concern of being
"snooped" by someone else on the network.
In older communication protocols (telnet, rlogin, rcp, rsh),
the connection between two systems was an unencrypted
connection. In recent years, "snooping" (running a program
which examines the traffic on the local network and saves
certain key portions to a file) has become rampant. People
have used this method to illegally acquire userid and
password combinations of other users on the same system or
local network. As this is a passive intrusion, it is very
hard to detect; essentially invisible to the general user.
With the advent of the secure shell (ssh) programs, which
include slogin (for remote login) and
scp (for copying files to/from remote
systems), this is no longer a concern. The network connection
between the two hosts is now an encrypted connection
(assuming both hosts support compatible versions of
ssh ) which render "snooping" useless, as
all that can be seen is encrypted strings which don't mean
anything to the snooper.
An advantage of the ssh protocol is that when you're using
slogin to go between two hosts in the
same cluster (WAM to WAM, Glue to Glue, etc.), you don't ever
need to specify your password. You're automatically logged
into the remote host, bypassing the "Password:" prompt. When
going between two different clusters (WAM to Glue, etc.)
you'll still be prompted for the password, but it will be
passed in the encrypted connection, so you don't have to
worry about it being snooped.
To use slogin to connect between WAM,
Glue, or any other hosts using the same userid,
simply use:
slogin hostname
where hostname is the name of the remote host you
wish to login to. If you are going between two clusters,
you'll be prompted for a password. If you accidentally
mistype it, you're given two additional chances to get it
right before the slogin software gives
up and aborts the connection.
If you wish to use slogin to login to a
different userid, you need to use the
'-l' option:
slogin -l userid hostname
where userid is the userid you wish to login to on
hostname.
To use the scp program to copy files
between systems, you use the form:
scp filename1 userid@hostname:filename2
where filename1 is the file you wish to copy,
<userid>@<hostname< is the userid and hostname to
where you wish to copy it, and filename2 is the name
you want to call the file on the remote system. For example:
scp myfile bob@wam.umd.edu:myfile
When typed on the Glue system, this will copy the file to the
WAM system.
When you issue the command, you'll be prompted for the users
password on the remote system, then given the stats of the
transfer. Pay attention to the last item on the stat line;
it's how much of the file got transferred (you want to see
100%). For example:
scp myfile user@wam.umd.edu:myfile
user@wam.umd.edu's password:
myfile | 37 KB | 37.4 kB/s | ETA: 00:00:00 | 100%
The password will not show up when typed. The statistics
indicate the size of the file (37 KB), the transfer rate
(37.4 kB/sec), the estimated time to transfer the file (in
this case, immediate), and what percentage of the file got
transferred. As with the slogin command,
scp gives you three chances to get the
password right before it aborts the connection.
Telnet , rlogin ,
rcp , and ftp commands
can no longer be used at the University of Maryland. The secure
way to access your accounts and the best way
to minimize the chance of your userid/password
combination being snooped is to use slogin
and scp.
|
