Doug Vitale Tech Blog

Posts Tagged ‘terminal emulator’

SSH, the Secure Shell

SSH is one of the protocols of the TCP/IP protocol suite found at the application layer (Layer 7) of the Open Systems Interconnection (OSI) network model. Officially specified in RFC 4251 (and later, several other RFCs), SSH functions in a way that is similar to telnet but is far more robust and capable. SSH lets you log in to other hosts, get a shell and execute commands on them (for more details, read up on the concept of the OS shell), and transfer files between hosts. The major difference between SSH and telnet as terminal emulation protocols is that SSH utilizes encryption and strong authentication while telnet transmits data (including passwords) in clear text, making it vulnerable to packet sniffing. SSH, in contrast, provides secure, reliable authentication and communication over data channels that might not be so trustworthy (such as the public Internet). Because the SSH protocol encrypts the communications between network devices, it decreases the chance of an attacker (possibly an internal user) sniffing traffic and obtaining sensitive data such as authentication credentials.

What is commonly called ‘SSH’ is actually a collection of utilities such as ssh, scp, slogin, and sftp. SSH can be used to effectively replace telnet in a manner almost invisible to users. However, in the background SSH sessions involve authentication, key exchange, encryption, and passphrase generation and storing, making SSH a complex protocol.

SSH versions

SSH version 1 was released in 1995; however, a few years later it was determined to be unreliable. SSHv1 is vulnerable to a well-known exploit that allows an attacker to insert data into the communication stream, making it vulnerable to man-in-the-middle (MITM) attacks. In short, versions of SSH prior to v2.0 are not completely cryptographically safe, so they should not be used. Therefore this article will focus only on SSHv2. Bear in mind that if you see SSH version 1.99 installed, this means that the host supports both SSH v1.5 and v2 (see RFC 4253 for reference).
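As an added example (not code from the original post), the following Python sketch classifies SSH identification strings by the protocol version they advertise, so that hosts still offering v1 or the 1.99 compatibility mode stand out in an inventory. The function names, sample addresses, and software names are constructed for illustration.

```python
import re

# RFC 4253 section 4.2: SSH-protoversion-softwareversion SP comments CR LF.
# \S+ is deliberately lenient: some devices put "-" in softwareversion.
IDENT = re.compile(r"^SSH-(\d+\.\d+)-(\S+)(?: (.*))?$")

def classify_banner(raw: bytes) -> dict:
    """Classify an SSH identification string by the protocol versions offered."""
    ident = None
    # A server may send other lines before the identification string;
    # the first line starting with "SSH-" is the one that counts.
    for line in raw.decode("ascii", errors="replace").splitlines():
        if line.startswith("SSH-"):
            ident = line
            break
    if ident is None:
        return {"status": "no-ident"}
    m = IDENT.match(ident)
    if m is None or len(ident) > 253:   # 255 bytes max including CR LF
        return {"status": "malformed"}
    proto = m.group(1)
    if proto == "2.0":
        status = "v2-only"
    elif proto == "1.99":
        status = "v2-with-v1-fallback"   # v2 server that still accepts v1 clients
    elif proto.startswith("1."):
        status = "v1-only"
    else:
        status = "unknown-version"
    return {"status": status, "proto": proto, "software": m.group(2)}

def hosts_needing_attention(banners: dict) -> dict:
    """Return every host whose banner is anything other than v2-only."""
    result = {}
    for host, raw in banners.items():
        status = classify_banner(raw)["status"]
        if status != "v2-only":
            result[host] = status
    return result

# Constructed sample banners (documentation addresses, made-up software names).
SAMPLE = {
    "192.0.2.10": b"SSH-2.0-ExampleSSHD_1.0\r\n",
    "192.0.2.11": b"SSH-1.99-ExampleSSHD_0.9 legacy\r\n",
    "192.0.2.12": b"SSH-1.5-ExampleSSHD_0.5\n",
    "192.0.2.13": b"Maintenance notice\r\nSSH-2.0-Example-Device-2\r\n",
    "192.0.2.14": b"HTTP/1.1 400 Bad Request\r\n",
}

if __name__ == "__main__":
    for host, status in hosts_needing_attention(SAMPLE).items():
        print(host, status)
```
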

SSH encryption

SSH uses the public key (asymmetric) cryptographic model, which is built on a pair of keys: a public key to encrypt data, and a private key to decrypt it. In SSH, the asymmetric keys are used to authenticate the SSH server and client and then to negotiate a symmetric key. This symmetric key is what is utilized for data encryption between the hosts.

Simple example of public key cryptography

Written by Doug Vitale

February 20, 2012 at 3:40 PM

LogMeTT Tera Term

Tera Term has been one of the industry’s mainstay terminal emulators. Network device administrators in particular have used Tera Term because it supports both telnet/SSH and serial connections.

There are presently two versions of Tera Term available: version 3.13 from Ayera Technologies and version 4.80 from LogMeTT. This schism occurred as a result of Tera Term’s disjointed development process.

The Tera Term v4.80 interface with connection setup options

Written by Doug Vitale

November 15, 2011 at 10:52 AM
