design element

OSU Statistics

Home	News
Research & Consulting Groups	People
For Visitors	For Prospective Students
For Current Students, Staff & Faculty	Contact Us

SSH Information

SSH Introduction

We are not allowing any incoming traffic to our server that requires a clear text password. This will mean telnet, e-mail and ftp will have to be performed in a different way to make them secure. This protocol is called Secure Shell, SSH for short.

For information on installing and configuring the various clients and e-mail, please see the pages on the specific operating system documentation.

1) Why are we doing this?

Currently a common hacker attack is to listen on the network line waiting for someone to type a password. This is called sniffing. Once they have your password, they can get onto our system, possibly obtain root, and then sniff passwords from here. Once this happens there will be significant downtime as we try to deal with the hackers, and it may never be known exactly what they have taken or modified. Another advantage of SSH is that the entire session will be encrypted, thus not only will someone not see your password but they will also not see anything you see. For example, currently on Road Runner it is easy for any of your neighbors to see what you type, assuming they have the right freely available tools. By the way, your neighbors are half your zip code, or about ten thousand people.

2) How will this affect me?

To log onto our Unix machines from anywhere outside Cockins Hall, you will need an SSH client. This means telnet, Eudora, and ftp will be prohibited outside the building.

Almost all computers have telnet on them. Few come with SSH. Thus, for any machines you use, you will have to find an SSH client for it. There are easily available free SSH clients for Macs and PCs. We will have some to distribute, along with installation instructions. If you are somewhere else, a few clients can be downloaded from the net. Some even fit on a floppy.

3) How else can I be secure?

Obviously, if we require SSH and you telnet to another University which doesn't and you use the same password there and here, that password can be sniffed. So we would highly recommend using one password for the Statistics Department machines, and another password for everything else. Ideally, you should be using SSH whenever possible, and only the machines you don't ssh to, need to be worried about.

If you run X windows at home to other sites, and not through SSH, you do not want to enter in passwords in any of those X windows, as anyone can see what you are doing in them, and from them.

SSH Client Sites and Links

OSU's Software Download page.
You can download the Windows SSH Client here, as well as Fugu, an SFTP client for Mac OS X. You will need your OSU username.

SSH.com
This is the maker of our Windows SSH client. Downloads and docs are available here.

Nifty Telnet SSH
Our recommend Mac OS 9 client.

Mac SSH
Another Mac client that does port forwarding, for FTP.

Putty
A small (fits on a floppy) Windows client.

OpenSSH.com
Linux server and clients. (Plus other OSes.)

FreeSSH.org
Links to free SSH clients.

SSH FAQ This is the official SSH FAQ.

Electrical Engineering's SSH Page
A good guide on using SSH. EE blocks telnet, and ftp.

UC Berkeley's Stat Department
Ancillary information. Berkeley has been SSH only since January 1998.