« CygWin, SSH, Java... | Main | SSH and Cygwin, cont. »
April 23, 2005
Some notes on setting up ssh
The previous post is about Cygwin-specific sshd setup.
Now let's talk about some general ideas. (Maybe wrong though.)
Basically, ssh supports two kind of log in methods.
One is like traditional telnet, which prompts users to input user name and passwd. The improvement is that all the information is encrypted using the server's public key. (When you first log onto a machine, the ssh client will ask you if you trust it, and will record its public key in known_hosts later on.) However this method is vulnerable to man-in-the-middle attack.
Another way is to not send passwd at all. But I guess this is also vulnerable if your connection is eavedropped at the first time. In this way the server will challenge the client with client's public key. Only client has its private key and thus be able to respond to the challenge. To enable automatic login, see the links below. You may also choose to input a passwd, which is called "passphrase".
http://www.csua.berkeley.edu/ssh-howto.html
http://www.chinaitlab.com/www/news/article_show.asp?id=6390
http://www.chinaitlab.com/www/news/article_show.asp?id=7241
If you also want to log in automatically using SecureCRT, you may have it generate a pair of keys for you, and upload the public key to the server. You must note that SecureCRT uses a different format of key from that used by OpenSSH. But OpenSSH can convert it to the acceptable format.
http://archive.erdelynet.com/ssh-l/2001-07/msg00007.php
I still have some problems with cygwin. Let's reboot the system and see what happens.
BTW, cygwin has a utility to generate the keys in one step. The command is called ssh-user-config.
Posted by Roy at April 23, 2005 10:11 PM