Problem:

I heard that telnet access was being turned off in favor of SSH2. How do I connect to an ISyE server now that this is the case?
 
 

Solution:

The main points of this article are as follows:

  • Use ssh instead of telnet, rlogin, or rsh when possible (these services have been turned off on many of the ISyE servers)
  • For a single file, use scp instead of ftp
  • For multiple files, use sftp instead of ftp

The problem with telnet, rlogin, rsh, and ftp is that they are not secure. Anyone who is monitoring the packets sent by your computer across the network will see everything you're doing, since it's all unencrypted. This may seem far-fetched, but it is relatively easy to monitor all traffic in a local network.

Still, you may object that you're not doing anything top-secret, so you don't mind if anyone's watching. The problem is that in addition to the work you're doing, your password is sent unencrypted across the network. That's the biggest reason for prefering a secure connection.

So, rather than use telnet, rlogin, or rsh, you should use ssh, which stands for "secure shell". All communication is encrypted using ssh. This may make logging-in a tad slower, but will be unnoticeable once you're logged in.

If you're connecting from a unix machine, it probably has ssh available already. Just type

ssh username@hostname.edu

Note that ssh won't ask you for your username like telnet does, so you need to specify it in your command. Also notice that this won't look just like your email address, since your email address doesn't really give the name of a specific computer. For example, if I wanted to log in to castle, I'd have to use:

ssh myname@castle.isye.gatech.edu

not my email address:

ssh myname@isye.gatech.edu

If you have a fast connection (not dial-up) and want to run some graphical jobs on the remote machine and have them show up on your local machine, use the -X option (capital X): ssh -X myname@host. This is called X forwarding.

If you're connecting from a PC, then ssh probably isn't present by default. Most Georgia Tech PCs have a program called SecureCRT, however, which implements the ssh protocol. Just use SecureCRT instead of whatever you used to use.

Transferring Files

For transferring files, there are two secure facilities: scp and sftp. They stand for ``secure copy'' and ``secure ftp''. scp will only do one file at a time so you have to enter your password each time:

scp localfile myname@host.edu:path/to/directory/newname

or

scp myname@host.edu:path/to/directory/remotefile local/dir/newname

Of course, you can leave the new name out if you want. Check the man page for more info. If you're used to ftp, it may just be easiest to use sftp, which works very similarly.

Final Advice

In order to use any of these secure protocols, computers on both ends of the connection must support them. If one of them does not, you're just going to have to revert to unencrypted methods. However, I'd contact the administrator of the uncooperative computer and let them know that you'd like ssh support added.

Good luck, and be glad that you're now using encrypted communication.

Search