SSH SECURE SHELL/SECURE FTP
Contents:
Availability
Unix: All Northwestern's UNIX hosts allow secure shell server connections. The SSH protocol for individual Unix workstations can be obtained through a site license [Northwestern University distribution site].
MS Windows: SSH Secure Shell is installed in all Kellogg public workstations, and it is also installed in student laptops, as part of the standard image. The SSH Secure Shell application can be obtained through Northwestern's site license [Northwestern University distribution site].
Mac OS: Mac users may download MacSSH for free. Configuration tips are available from www.math.ohio-state.edu/support/ssh/mac/macssh/, while instructions on how to setup a secure FTP connection using Fetch and MacSSH are available in w3.arizona.edu/~consult/mac-macssh.html.
Description
SSH Secure Shell is a protocol and software that allows encrypted terminal connections between computers, such as a connection between a Microsoft Windows workstation and a UNIX host.
Secure shell connections look like Telnet connections. However, in a telnet connections, data (including passwords) is transmitted in its original format, without password and data encryption, making connections vulnerable to different kinds of attacks. Secure shell also provides secure file transfer (Secure FTP) and it allows establishing secure X11 (X Windows) graphic connections -- "X11 tunneling".
Vendor information
SSH Communications Security, Inc.
1076 East Meadow Circle
Palo Alto, CA 94303
Support
Running SSH Secure Shell
On Windows:
Terminal connections:
- After installing SSH Secure Shell, click on the "SSH Secure Shell Client"
icon to establish a terminal connection to a UNIX host, click on the "Quick
Connect" button, which will bring up the following dialog box:
- Type the complete IP name (e.g. skew3.kellogg.northwestern.edu) of the
host, your netid. Set the port to 22 (the default) and the "Authentication
Method" to "Password". Click on the "Connect" button.
- The first time you connect, you will be prompted to save the hosts identification
("public key"):
If you save, the information will be stored in your local profile in the workstation you are using. If you choose not to save, you will be prompted again the next time you login.
- Selecting "New terminal" from the "Window" menu, will open another terminal window to the same host; SSH will automatically log you in.
Secure FTP:
- To start a Secure FTP session, you may either click on the "SSH Secure
File Transfer Client" on your desktop or on the the equivalent icon in the
SSH toolbar:
You will be presented with a window similar to the one depicted below. The left pane shows the contents of your desktop (the "client"), while the right pane shows the contents of your UNIX/Linux account (the "host").
- To change the transfer mode, select the mode you need from the "Operation" > "File Transfer Mode" menu or click on the corresponding icon. The transfer mode icons are pictured below. The default is "automatic select". A typical problem is to transfer a binary file (for example, a dataset created by SAS, Stata, Matlab, etc) in text mode; this results in a corrupted file that cannot be read.
When to select a text (ASCII) transfer mode: Windows marks the end of the line with two invisible characters: an end-of-line and a carriage return character. UNIX and Linux use only one, an end-of-line character. There are instances in which using a text file (for example, a shell script) that contains carriage returns and end-of line symbols will cause problems. If you want to see whether a text file has these "invisble" character in UNIX or Linux, use the "
od -c filename | more" command. Carriage returns will be represented by a "\r", end-of-line symbols by a "\n", and tabs by a "\t". - To upload (copy a file from the client to the host) and download (copy a file from the host to the client) files, you can drag and drop between the panes showing the client and host files. You may also use the "Operation" menu, selecting either the "Upload Dialog" or "Download Dialog" sub menus. Finally, you may also use the up (upload) and down (download) arrow icons:
On UNIX:
Terminal connnection:
wrds(~)% ssh abc123@skew3.kellogg.northwestern.edu
abc123's password:
Authentication successful.
where abc123 is your skew3 user name.
SFTP connection:
wrds(~)%sftp abc123@skew3.kellogg.northwestern.edu
abc123@skew3.kellogg.northwestern.edu's password:
where abc123 is your skew3 user name. You will get the sftp prompt:
sftp>
To find the available commands, type "help command" at the sftp prompt. The commands available are the following: open, lopen, close, quit, cd, lcd, pwd, lpwd, ls, lls, get, mget, put, mput, rm, lrm, mkdir, lmkdir, rmdir, lrmdir, rename, lrename, readlink, lreadlink, symlink, lsymlink, ascii, binary, auto, setext, getext, lsroots, debug, verbose, help. Generally, an "l" at the beginning of the command indicates that it applies to the local host (where you started SFTP). For example, if you started an sftp session in your WRDS account to your skew3, "ls" will list the files in your skew3 account, while "lls" will list the files in your WRDS account.
Examples and solutions
Creating and customizing connection profiles:
Whenever you connect using the "Quick Connect" button, SSH Secure Shell opens a "Add Profile" dialog box:
If you type in a name for the session, the software will save the host name and login id (not the password), which will be available for future use if you click on "Profiles":
Changing the colors of your session: To change the colors in which the session is displayed, choose "Settings" from the "Edit" menu. Under "Profile setting", click on colors. Unselect "Global colors" and then choose the color combination you find most comfortable:
Adding favorite folders to Secure FTP: You can add "favorite folders" to your configuration. These will appear in a pull-down menu when you have SFTP open.
Manuals available at Research Computing
There are no hard copies available. By default, SSH Secure Shell will install all its documentation in Windows help format. The same material is also available online at SSH Communications Security:
Useful links