SSH (Secure Shell) protocol is the secure replacement of telnet. The same privacy considerations that apply to email and files also apply to remote logins. You have every right to expect security for your interactions when you're logged in to a remote host machine:
Yes, remote logins are vulnerable in all these areas. Say you're going from here to there. If the route from here to there goes though someone else's network, then:
SSH's provides strong security for remote logins. SSH's security is transparent because it's an application layer protocol, you use SSH software to login to a remote host instead of using telnet. It supplies two-way authentication, including the server authenticating itself to you. After exchanging keys, your entire session is encrypted, including your password and everything that you send to the host server and everything it sends to you. The best thing about SSH is that all this security stuff goes on behind the scenes.
It's no harder to switch to an SSH secure remote login application than it is to change from one vendor's telnet to another's.
This is all why the ACCC is requires SSH for remote logins to its machines and SFTP for secure file transfer.
Connecting to servers such as argo and tigger at UIC require the use of either SSH or SFTP.
ACCC has SecureCRT and SecureFX no cost, site-licensed SSH and SFTP for Windows. If you already have the previous ACCC site-licensed SSH from SSH Communications Security installed, you can continue to use it, but cannot get upgrades or security fixes, so it is recommended to upgrade to using SecureFX and SecureCRT.
For instructions on how to use the SSH built-in to Mac OS X and no-cost SFTP software for Mac OS X for Macs, visit SSH and sFTP for Macs.
OpenSSH is almost always bundled with Linux, which contains SSH and SFTP clients.
PuTTY is a free, commonly used SSH client for Windows and Unix can also be used as well.
File transfer isn't only FTP; it is built into other types of applications.
Do you use a Web authoring tool to transfer Web files between your personal computer and tigger, which is www.uic.edu. As with all file transfer, your Web authoring tool must use SFTP to work with tigger.
If your web authoring tool doesn't support SFTP, as you update files, you will have to save the files to your disk and use a separate SFTP application to upload them and to set the appropriate permissions. The SFTP applications supported by the ACCC are drag-and-drop, so that shouldn't be too much of an annoyance.
Adobe Dreamweaver, which is available on the computers in the ACCC public computer labs, has supported SFTP as the default file transfer method since Dreamweaver MX 2004.
November 05, 2013