Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
My windows program of choice to ssh into Linux/Unix boxes is 'Putty'. It is a lightweight application, that does not require any changes to the registry, fits on a floppy, and it is free. Not bad in my book.
If you are looking for a Microsoft solution, the new version of Windows Services for UNIX that is now available for free, but I have been told it is a huge program. It can be found at:
i'll give putty a go; as for the microsoft stuff, i definitely wouldn't mind using it if it wasn't 220 freaking megs large! what could be contained it it that makes it that large? i'll have to give that a go one day, too
also, i actually have found that there is a sourceforge openssh project for windows
It seems that the sshwindows project that you mentioned includes a ssh daemon. So in theory you should be able to ssh to a windows box that is running this application. I would try it, but I do not have a windows box with me at the moment to try connecting to. But if it does what I think it should, it might be the answer to the remaining part of your needs.
I agree 220 MB is awfully large. It seems to me that it was not that long ago when that would be bloated for a full fledged OS with your most commonly used applications thrown in for good measure... yet so it goes.
Something you may not have noticed about puTTY is that you can log in to mulitple machines with multiple protocols at the same time. Very handy for managing two or more boxes at the same time. Remember that you may want to disable remote root login too, though
SecureCRT is a nice product, but the cost of nearly $100 for a license is a little steep in my book for a program that allows you to create secure shell connection. When it came time outfit the 20 windows boxes at my site, I took a long hard look at SecureCRT, but I simply could not justify the cost for my needs. They offer a discount rate of $85 each for 20 licenses, but I had a lot of other use for my $1700.
Another option if you are feeling wealthy is Hummingbirds's Exeed:
I have not checked on the price as of late, but if I recall correctly they used to want about $400 a pop, but they have a nice demo that you can take for a spin if you like.
But for now my group will continue to use Putty and Cygwin.
Yes, the telnet can work both ways (linux -> windows, and windows -> linux ), but I am one of many people who refuse to run telent on my boxes, because I do not want to send information such as system account names and password across the wire in plain text.
Yes, the telnet can work both ways (linux -> windows, and windows -> linux ), but I am one of many people who refuse to run telent on my boxes, because I do not want to send information such as system account names and password across the wire in plain text.
Well, I have bad news for you then. Any good dissector can pull a SSH user name and password from LAN traffic just as easily as a telnet one.
Just because something can be done, does not mean that you need to make things as easy as possible. There has never been a vault that can not be broken into, most of them can be broken into in a very short time, but I have not found a bank that has opted to keep their cash in a laundry hamper, just because vaults are so easy to hack.
There is no difference between pulling in an SSH and a telnet password from the LAN.
Why bother jumping through hoops since you are screwed either way? If there is a compromised machine on your network, any protocol is going to be insecure.
I would go so far to say that SSH is no more secure than telnet. The only difference is that with telnet is that it is much easier to see the commands that the remote user is executing than with SSH, but if they already have your password and user name, it doesn't matter, since you are already compromised.
The only thing that you could do in SSH (and not telnet) to add security is to login as a normal user and then use "su" to switch to the root user. Since commands in SSH are encrypted, it will make it harder to see the root password.
However, they still can grab your normal user name and password, login, and use a root kit, so it still won't completely protect you.
The only way to be completely secure is to not login remotely at all.
SSH has another major advantage over telnet (well, lots of them, actually ), which we may be forgetting: public key authentication.
Once you have this set up, you can configure SSH to accept logins only with public keys - something I'm currently working on with my main Linux PC upstairs. If it's a choice between sending a username and password in clear text to log in, or using a 2048-bit key pair which you'd need a Cray supercomputer running for years to crack, I think I know what I'd prefer. (Doesn't SSH encrypt the username and password transaction? I could be wrong.)
Of course, if there's a compromised box on your LAN, your network security is toast anyway. But frankly, that's not a good enough reason for me not to use an encrypted remote login method in favour of a wide-open one, especially if there is no compromised box on my LAN. (AFAIK...)
Not to mention the other fringe benefits of SSH - automatic X forwarding, tunnelling, data compression, secure copy/file transfer, making the tea, etc...
You are right, SSH does encrypt the username and password. And you make a good point about the extra functions that are available in SSH can really make a big difference in day to day usability, especially if you have more than a handful of systems to deal with.
Plus many recent distributions default to running an ssh daemon and not running run for telnet (which I think is a good idea).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
), which we may be forgetting: public key authentication.
