Contents
Abstract
With more and more computers installed in networked environments, it
often becomes necessary to access hosts from a remote location. This
normally means that a user sends login and password strings for
authentication purposes. As long as these strings are transmitted as
plain text, they could be intercepted and misused to gain access to that
user account without the authorized user even knowing about it. Apart
from the fact that this would open all the user's files to an attacker,
the illegal account could be used to obtain administrator or
root
access, or to
penetrate other systems. In the past, remote connections were established
with telnet, which offers no guards against eavesdropping in the form of
encryption or other security mechanisms. There are other unprotected
communication channels, like the traditional FTP protocol and some remote
copying programs.
The SSH suite provides the necessary protection by encrypting the authentication strings (usually a login name and a password) and all the other data exchanged between the hosts. With SSH, the data flow could still be recorded by a third party, but the contents are encrypted and cannot be reverted to plain text unless the encryption key is known. So SSH enables secure communication over insecure networks, such as the Internet. The SSH type that comes with openSUSE is OpenSSH.
openSUSE installs the package OpenSSH by default. The programs ssh, scp, and sftp are then available as alternatives to telnet, rlogin, rsh, rcp, and ftp. In the default configuration, system access of a openSUSE system is only possible with the OpenSSH utilities, and only if the firewall permits access.