Google
 
   
Login
Username:

Password:


Lost Password?

Register now!
Search

Advanced Search
Main Menu
service
Impressum
Datenschutz
Haftungsausschluss
top books
Polls
What do you think about php-deluxe.net?
Excellent!
Cool
Hmm..not bad
What the hell is this?
encyclopedia
Help desk/Archive 16
Functional dependency
Eilenberg-MacLane space
Comparison of user...
SerialPortNet
Fiber to the premises
ABIT
recommendation
Freenet DSL
Who's Online
14 user(s) are online (12 user(s) are browsing encyclopedia)

Members: 0
Guests: 14

more...
partner

OpenSSH

OpenSSH (Open Secure Shell) is a set of computer programs providing encrypted communication sessions over a computer network using the SSH protocol. It was created as an open alternative to the proprietary Secure Shell software. The project is led by Theo de Raadt from Calgary, Alberta.

= History =

OpenSSH was created by the OpenBSD team as an open alternative to SSH, which is now proprietary software. Its developers claim that OpenSSH is more secure than the original, partly due to the reputation of the OpenBSD developers in emphasising clean and well-audited code, which in turn contributes to security. Its security is further attributed to the fact that its source code is released under an Open Source license, the BSD license (to which the Open in the name refers). Although source code is available for the original SSH, various restrictions are imposed on its use and distribution, making OpenSSH a more attractive project for many software developers.

OpenSSH 4.2 was released on September 1, 2005 [http://www.mindrot.org/pipermail/openssh-unix-announce/2005-September/000083.html].

= Portability =

Since OpenSSH performs authentication, in particular, it runs into a lot of differences between Operating system. The OpenSSH Portability Team is responsible for adding code necessary for portability and issuing Portable releases .

= Programs included =

The OpenSSH suite includes:

  • ssh (replacement for Rlogin and Telnet) ssh
  • Secure Copy (replacement for Rcp) scp .
  • secure file transfer program (replacement for ftp) sftp
  • sshd (the SSH daemon (computer software)) sshd

    • = Secure tunnels =

    Many applications can be secured with OpenSSH, making it a strong alternative for VPN systems.

    Any program using Transmission Control Protocol connections (and preferably a single tcp port) can be used through secure tunnel. Some examples of easily tunneled programs are X Window System, http using a proxy and Virtual Network Computing. X Window System tunnel is often created automatically between two Unix computers, so GUI programs from remote computers can be run simply by typing their names: ssh -Y password: $ xclock

    Programs whose tunneling is possible but complex are ftp (not needed because of sftp) and Server message block.

    Some programs call OpenSSH to create the tunnel, such as DistCC, Concurrent Versions System, rsync, and fetchmail.

    Remote filesystems can be mounted through ssh using shfs, lufs or podfuk.

    = Authentication =

    OpenSSH server authenticates users using its built-in authentication systems

  • public key (id.rsa, authorized_keys)
  • )
  • Kerberos (protocol)/GSSAPI

    • Portable OpenSSH can also use Pluggable authentication modules for authentication. PAM allows run-time selection of authentication methods and policy, and allows advanced authentication methods such as one time passwords:

  • OTPW
  • S/KEY
  • OPIE (password system)

    • Portable OpenSSH versions older than 3.7 must run as root all the time when PAM support is enabled, as root privileges are typically required to operate PAM. More recent versions allow the usage of PAM to be disabled at run-time, so regular users can run sshd instances.

    = See also =

  • POSSE project

    • = External links =

  • [http://www.openssh.com/ OpenSSH home page]
  • [http://www.openssh.com/portable.html Portable releases]
  • [http://www.apress.com/book/bookDisplay.htmlbID=427 Pro OpenSSH], commercial book about OpenSSH
    		•