OpenSSH, the de facto open source SSH application, encrypts all traffic (including passwords) to effectively eliminate these risks. Additionally, OpenSSH provides a myriad of secure tunneling capabilities, as well as a variety of authentication methods.
OpenSSH is the port of OpenBSD's excellent OpenSSH[0] to Linux and other versions of Unix. OpenSSH is based on the last free version of Tatu Ylonen's sample implementation with all
PAM support
EGD[1]/PRNGD[2] support and replacements for OpenBSD library functions that are absent from other versions of UNIX
The config files are now in /etc/config. e.g.
o/etc/config/sshd_config instead of /etc/sshd_config o /etc/config/ssh_config instead of /etc/ssh_config
o /etc/config/users/<username>/.ssh/ instead of /home/<username>/.ssh/
Generating Public Keys (Linux)
To generate new SSH key pairs, use the Linux
$ ssh-keygen -t [rsadsa]
Generating public/private [rsadsa] key pair.
Enter file in which to save the key (/home/user/.ssh/id_[rsadsa]):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_[rsadsa]. Your public key has been saved in /home/user/.ssh/id_[rsadsa].pub. The key fingerprint is: 28:aa:29:38:ba:40:f4:11:5e:3f:d4:fa:e5:36:14:d6 user@server
$
It is advisable to create a new directory to store your generated keys. It is also possible to name the files after the device they will be used for. For example:
$ mkdir keys
$ ssh-keygen -t rsa
_____________________________________________________________________
Page 179 |