Secure Communications to be Required for ACS UNIX Hosts
By Dr. Philip Baczewski, Associate Director of Academic Computing
As of September 1, 2001, access via telnet and ftp to the ACS UNIX hosts sol, jove, and terra will no longer be possible. After September 1, you must use an SSH-compatible client for access.
Standard telnet and ftp clients pass login information, including your password, in clear text which is readable by anyone who can capture network traffic. The SSH (Secure SHell) protocol employs encryption of all communication with the host machine, thereby increasing the level of security in the process.
It is important to increase security because a common method of operation for system crackers is to capture a login name and password, and then use that name and password to gain entry to a UNIX host to support a denial-of-service attack or other unauthorized activity. This is not just a theoretical concern. In the past, there have been numerous incidents of UNT servers and workstations being compromised and used in such a manner, and these incidents are continuing to occur with increasing frequency. Secure protocols should be used whenever possible when passing sensitive information or login passwords over the Internet.
Secure SHell programs
There are several Secure SHell programs which provide the same functionality as telnet. Instead of ftp, the SSH equivalent is SCP (Secure CoPy). SCP allows copying of one or more files from one computer to another with login information and data encrypted during the process.
Free SSH clients are available at:
People using the unt.edu network may download these programs from the appropriate platform area on the UNT ftp server: ftp://ftp.unt.edu/software/
You may see a notice in the Macintosh Nifty Telnet SSH programs "About" box that Nifty Telnet cannot be used in the United States. According to the Nifty Telnet web site, "September 6, 2000, RSA Data Security, Inc. today put the RSA public-key encryption algorithm into the public domain, meaning that United States users can now download and use NiftyTelnet SSH legally. This was done two weeks before the expiration of their patent granted in 1983."
If you have questions about installing or using any of the programs mentioned above, please contact the Computing Center helpdesk at email@example.com or 940-565-2324.