When you telnet to a remote host server and login everything between
your computer and the computer you are connecting to can be sniffed
and read by someone with the knowledge and equipment. This is
obviously a major security breach as it is tantamount to blasting
your login commands and passwords across an open network.
Secure Shell (SSH) sets up an encrypted connection usually on port 22 between your
computer and the server's computer that you are connecting to.
Everything sent between the two computers is encrypted. The server
you are connecting to must be running SSH. Although more and more
admins are installing secure shell, there are still lots of internet
service providers who haven't. If you are using one that doesn't have
secure shell access, write to the admins and ask why not, and if they
can set it up. Mostly, they are happy to oblige.
Use Strong Crypto
Once you get a SSH client installed on your machine - the first thing
you should do is go into your preferences area and disable (if possible) the DES and
3DES encryption algorithms (which are weak and easily broken). The
preferred algorithms, which are much stronger, are IDEA, Blowfish, and RC4
(or arcfour). These are the only ones that should be used to ensure that
your connections are secure.
SSH Clients
Terraterm is an
open source ssh client for windows machines.
SecureCRT is a commercial ssh
client for windows machines - but they offer a 30-day trial download.
F-Secure
SSH a commerial ssh client for Mac / Windows / Unix from Data Fellows.
Nifty Telnet SSH
is a free ssh client for Macintosh machines. Also with SCP (Secure Copy) which is a protocol
for transferring files to or from a remote host.
MacSSH
MacSSH is a free modified version of BetterTelnet with SSH2 support.
Putty a free ssh client for Windows.
Topgun SSH for the PalmOS
A further list of ssh clients
Further Reading
Security Analysis
