Feb
26
Generating SSH Keys on Windows with PuTTYgen
Filed Under System Administration, Security, Computers & Tech on February 26, 2020 | 1 Comment
In instalment 30 of the Taming the Terminal series I showed how SSH keys can be used to more securely and conveniently connect to servers. The instructions in that instalment are for Linux-like OSes (including MacOS) where the standard OpenSSH tools are available.
Windows doesn’t ship with OpenSSH (or indeed any SSH implementation), so Windows users who want to SSH need to install some kind of additional software. With Windows 10 there is the obvious option of installing the Windows Subsystem for Linux, but people may prefer a GUI experience. The obvious choice for Windows users is the venerable free and open source PuTTY suite of tools.
The PuTTY SSH client itself is easy to use, and if you install the full suite of apps via the MSI installer (available on their download page) you’ll also get a GUI for generating SSH keys named PuTTYgen.
May
25
TTT Part 37 of n – SSH Agents
Filed Under System Administration, Computers & Tech on May 25, 2017 | 2 Comments
Since we covered SSH in parts 29 & 30, Apple have changed how their desktop OS deals with the passphrases protecting SSH identities (key pairs). This provides us a good opportunity to have a look at the SSH Agent in general, and, how things have changed on the Mac in particular.
The good news is that while things have changed on the Mac, with a small amount of effort, you can get back all the convenience and security you had before.
Apr
25
TTT Part 33 of n – SSH ‘Bookmarks’
Filed Under System Administration, Security, Computers & Tech on April 25, 2015 | 3 Comments
This is the final SSH instalment. So far we’ve learned how to securely execute terminal commands on remote computers, how to securely copy files across the network using SSH, how to add both security and convenience to both those operations with SSH key pairs, and how to tunnel just about anything through SSH. In this final instalment we’ll look two approaches for creating SSH bookmarks, SSH config files, and SSH GUIs.
Apr
6
TTT Part 32 of n – SSH Tunnelling
Filed Under System Administration, Security, Computers & Tech on April 6, 2015 | 3 Comments
This is the fourth SSH instalment. So far we’ve learned how to securely execute terminal commands on remote computers, how to securely copy files across the network using SSH, and how to add both security and convenience to both those operations with SSH key pairs.
As we saw in the previous instalment, SSH’s ability to provide a secure connection between two computers can be used in many different ways. In this instalment we’ll learn about three more ways to encapsulate other network traffic within an SSH connection, adding encryption to that traffic.
Running commands and copying files are the kinds of things most people do, so the three SSH instalments to date have been quite generally applicable. That is not the case for this instalment. The three SSH features we’ll be discussing are all very useful to those who need them, but only a minority will have a use for any one of these features. However, even if you don’t need these features today, I would argue that it’s good to know these features exist, because they could well solve a problem you’ll have in the future.
There will be illustrations of the uses for these technologies, but not commands you type into your terminal to play along at home. That makes this an unusual instalment, but I hope you will still find it worthwhile.
Apr
4
TTT Part 31 of n – SSH File Transfers
Filed Under System Administration, Computers & Tech on April 4, 2015 | 5 Comments
In Part 29 of n we learned how to use SSH to execute commands on a remote computer. In the previous instalment we learned how to add security and convenience to SSH connections using SSH key-pairs.
The most important thing SSH provides is an encrypted connection between two computers. As we’ve seen, that encrypted connection can be used to securely issue terminal commands to a remote computer, but that same secured channel can also be used to secure other network connections between computers. In this instalment we’ll look at three different ways of securely copying files between computers through an SSH connection, and in the next instalment we’ll look at tunnelling just about any network connection through an SSH connection.
Mar
29
TTT Part 30 of n – SSHing More Securely
Filed Under System Administration, Security, Computers & Tech on March 29, 2015 | 7 Comments
In the previous instalment we saw how we can use SSH to execute a single command on a remote computer, or, to get a command shell on a remote computer. We also saw how SSH uses host keys to protect us from man-in-the-middle (MITM) attacks.
In this instalment we’re going to look at how we can improve both SSH security and convenience with SSH keys.
Feb
14
TTT Part 29 of n – Intro to SSH
Filed Under System Administration, Security, Computers & Tech on February 14, 2015 | 8 Comments
In the previous six instalments we looked in detail at how TCP/IP networks tick. In these instalments we worked our way up from the bottom of the four-layer TCP/IP network model to the top, finishing off with a look at two protocols in the Application Layer at the top of the stack. Those two protocols, DHCP & DNS exist in the top layer, but are different to most other top layer protools in that they can reasonably be described as forming part of the infrastructure of the internet. The email and web protocols may site within the same network layer, but they still rely on DNS to function.
For the remainder of the networking section in this series we’ve moving away from infrastructure-like protocols, and focusing on the user-facing Application Layer protocols. The first of these we’ll be looking at is the Secure Shell, or SSH. This protocol is one of the absolute work-horses of the internet, and a vital tool for all Linux, Unix, and OS X sysadmins.
At it’s simplest level SSH allows you to execute commands on a remote computer, but because it was designed around the concept of a secure tunnel between two systems, SSH has expanded to allow all kinds of advanced features. The least-generous description of this could be that SSH has become a kind of sysadmins fridgeoven. But I don’t buy that, I prefer the alternative interpretation – it simply makes sense not to re-invent the wheel, and to allow as much information as possible to flow throw the secure connection SSH provides between the two end-points.
Today we’re just going to start with the basics, but in future instalments we’ll move on to the more advanced features.