Next
Contents
Requirements
- Mac OS X - we only cover the configuration of an OS X client-server solution using SSH Helper
- Latest Mac OS X security update should be installed
- A copy of SSH Helper (SSH Helper can be downloaded here)
What is OpenSSH ?
OpenSSH is a secure way of connecting to remote computers and transfering files. The OpenSSH suite includes the following programs (among others)
- scp - think ftp
- sftp - think ftp
- ssh - think telnet
- ssh-keygen - used to generate key pairs
- sshd - the ssh server
ssh and scp/sftp can are used to replace telnet and FTP. This is necessay because FTP and telnet transfer your password over the wire in the clear. OpenSSH protects your network traffic through the use of encryption.
Conceptual Overview of OpenSSH
Methods of Authentication
- Password-based Authentication
Server querys the client for the account password on the remote host (using password mode is not recommended and is not even covered in this HOWTO)
- Public Key Based Authentication
Public key based method requires you to generate a key pair on your local machine and copy the public key to any hosts that you want to connect to. The key pair consists of two keys: a public key and a private key. These keys are saved in your ~/.ssh directory. You should never give away your private key. You can look at the key pair as your electronic identity.
What's so great about Public Key Authentication ?
Look at it this way: Anything encypted with the public key can be decrypted only by the private key (until the time the NSA annouces their "new" quantum computer and we all breath a collective sigh as we realize installing SSH was a waste of time). This is used in ssh like so:
- When you connect you send the server your public key
- The server can then encrypt a challenge for the client using the client's public key
- The client then can prove his identity by decrypting the challenge and responding to it
Supported protocols
- SSH1 or Protocol 1
This is the original ssh protocol.(this is not recommended and is not even covered in this HOWTO)
- SSH2 or Protocol 2
This is the latest protocol version and is documented in RFCs. This is the version we are going to concern ourselves with.
What is Secure Shell Helper ?
See the SSH Helper home page for more info.
Next
Contents