Secure Shell (SSH) in HP Systems Insight Manager 5.1 and 5.2

Why SSH?
SSH was selected to be used with HP SIM for the following reasons:
To provide a way to securely execute commands and copy files to remote systems
To provide secure authentication mechanisms
To encrypt all data sent over the wire, unlike the traditional UNIX® r services
To provide a popular, non-proprietary protocol

Origins of SSH
SSH and the SSH-1 protocol were developed in 1995, and in the same year the protocol was documented as an Internet Engineering Task Force (IETF) Internet Draft standard. The protocol was popular, and by 1997 it was standardized and published as a new protocol version, SSH 2.0, or SSH-2. This version was missing some of the SSH-1 features, which continue to be more widely used even though SSH-2 is a more secure protocol.

SSH was originally created to replace the UNIX r services remsh, rlogin, and rcp. These services provide remote shell, execution, and file copy. Unfortunately, all data passed between the communicating systems using r services is unencrypted clear text. Additionally, the authentication mechanisms are weak and vulnerable to attack. The rhost authentication is vulnerable to the man-in-the-middle attack, and passwords are passed over the network in clear text. SSH provides a mechanism to verify the identity of the remote system using key-based host authentication, prevents password snooping by using over-the-wire encryption of all communications between the client and server, and provides stronger user authentication methods by using public key authentication.

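The key-based host authentication described above, as an added example (not code from HP SIM or OpenSSH): a Python check of a presented host key against pinned entries in OpenSSH's known_hosts format, where a changed key for an already-known host is the signal of a possible man-in-the-middle. The host names, salt and key blobs are constructed sample data, and the function names are hypothetical.

```python
import base64, hashlib, hmac, struct

def fingerprint(key_b64):
    """OpenSSH-style SHA256 fingerprint of a base64 public key blob."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def host_matches(field, host):
    """Match a known_hosts host field: hashed (|1|salt|hash) or a comma list."""
    if field.startswith("|1|"):
        _, _, salt_b64, hash_b64 = field.split("|")
        mac = hmac.new(base64.b64decode(salt_b64), host.encode(), hashlib.sha1)
        return hmac.compare_digest(mac.digest(), base64.b64decode(hash_b64))
    return host in field.split(",")  # wildcard/negated patterns not handled

def check_host_key(known_hosts, host, key_type, key_b64):
    """Return 'match', 'mismatch' (possible man-in-the-middle) or 'unknown'."""
    status = "unknown"
    for line in known_hosts.splitlines():
        fields = line.split()
        # Skip blanks, comments and @cert-authority/@revoked marker lines.
        if len(fields) < 3 or fields[0].startswith(("#", "@")):
            continue
        if host_matches(fields[0], host) and fields[1] == key_type:
            if fields[2] == key_b64:
                return "match"
            status = "mismatch"  # host is pinned, but to a different key
    return status

def blob(seed):
    """Constructed ssh-ed25519 public key blob (sample data, not a real key)."""
    name, key = b"ssh-ed25519", bytes([seed]) * 32
    data = struct.pack(">I", len(name)) + name + struct.pack(">I", len(key)) + key
    return base64.b64encode(data).decode()

# Constructed sample input: host names, salt and keys are all made up.
PINNED, ROGUE, SALT = blob(1), blob(2), b"constructed-salt"
HASHED = "|1|%s|%s" % (
    base64.b64encode(SALT).decode(),
    base64.b64encode(hmac.new(SALT, b"node2.example", hashlib.sha1).digest()).decode())
KNOWN_HOSTS = ("# constructed known_hosts\n"
               "node1.example,192.0.2.10 ssh-ed25519 %s\n" % PINNED +
               "%s ssh-ed25519 %s\n" % (HASHED, PINNED))

if __name__ == "__main__":
    for host, key in (("node1.example", PINNED), ("node2.example", ROGUE),
                      ("node3.example", PINNED)):
        print(host, check_host_key(KNOWN_HOSTS, host, "ssh-ed25519", key),
              fingerprint(key))
```

A "mismatch" result should stop the connection until the new fingerprint has been confirmed through a separate trusted channel; "unknown" means the host has never been pinned.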
Origins of OpenSSH
OpenSSH (http://www.openssh.com) is gaining prominence as an SSH implementation, developed under the auspices of the OpenBSD project (http://www.openbsd.org/) and freely available under the OpenBSD license. OpenSSH is based on the last free release of the original SSH, 1.2.12, and has developed rapidly as contributions have continued. It supports both SSH-1 and SSH-2 in a single set of programs, whereas SSH-1 and SSH-2 have separate executables. While OpenSSH was developed under OpenBSD, it has been ported successfully to Linux, Solaris, AIX, HP-UX, and other operating systems. Active development has continued on OpenSSH and SSH-2, but has ceased for SSH-1.

What is SSH
SSH is not a product but rather a protocol for secure remote access based on public key encryption. It provides a specification of how to conduct secure communication over the network. Communications to and from the remote system use the SSH protocol. This is conceptually similar to Secure Sockets Layer (SSL), which is another security protocol used in many internet communications such as Hypertext Transfer Protocol over Secure Socket Layer (HTTPS).

The SSH suite includes:
ssh program, which replaces rlogin and telnet
scp, which replaces rcp
sftp, which replaces ftp
sshd, which is the server side of the package
Other basic utilities such as ssh-add, ssh-agent, ssh-keysign, ssh-keyscan, ssh-keygen, and sftp-server