ALS 2000 Technical Program

ALS 2000 Abstract

SSH Port Forwarding

Giles Orr, and Jacob Wyatt, Georgia College & State University

Abstract

Secure Shell (a secure replacement for telnet/rsh) allows the securing of normally insecure services such as FTP, POP, SMTP, and VNC. We will discuss basic installation of SSH, including several examples of port forwarding, and you will learn how to apply this excellent security tool for your own purposes.

SSH stands for "Secure SHell." SSH is a replacement for telnet, rsh, and rlogin, to allow secure shell access to remote machines over an untrusted network. Telnet was designed at a time when the Internet consisted of a relatively small number of universities, and no one had ever heard of a packet sniffer. Packet sniffers such as sniffit and tcpdump are now relatively common - they have some highly practical uses, but obviously can also be used to collect passwords of those using unencrypted connections on a local network. Even if the password handshaking is encrypted, quite a bit of personal information can be collected watching an unencrypted transaction after the passwords. SSH packets looks like garbage to a packet sniffer.

View the full text of this paper in HTML form, PDF form, and PostScript form.
If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
To become a USENIX Member, please see our Membership Information.

Need help? Use our Contacts page.

Last changed: 29 Jan. 2002 ml

Technical Program

ALS Web Site

USENIX home