Free SSH Programs for Download
SSH or Secure Shell is a secure method of accessing your web server for manipulation or file transfer (using SCP or SFTP). Here are a few software applications that you can use to access your server via SSH.
1. OpenSSH
OpenSSH is the primary SSH client and server used for Linux, BSD, Mac OS X and other Unix-like operating systems. It is free and open source and is part of the OpenBSD project. It includes scp and sftp for secure file transfers.
2. PuTTY
Although it works with both Windows and Unix, Putty is mostly used by Windows users, since SSH is not installed on Windows by default (unlike Linux and Mac OS X). PuTTY is free and open source.
GUI Applications
1. Filezilla
Filezilla is a file transfer application that includes support for scp and sftp. It is free, open source, and has cross-platform support.
2. WinSCP
A GUI file transfer program, WinSCP supports scp and sftp, and it is core is based on PuTTY. WinSCP is free and open source.
3. Cyberduck
Cyberduck is a file transfer application for Mac OS X that supports SFTP. It is free and open source software.
Tag: open source, openssh, scp, server, sftp, software, ssh
Linux vs. Other Free Unices
Linux is undoubtedly the most popular Unix-like operating system, and it is increasingly becoming the number-one choice for web servers, virtualization, and cloud computing. But it is not the only Unix-like OS on the map, and there are a few that rival Linux in terms of stability, security, and ease of use.
Among the most likely candidates to compete with Linux for the title of “Server King” are Solaris and BSD. Solaris was originally produced by Sun Microsystems, which has since been acquired by Oracle. One might consider the future of this OS as uncertain, but a free and open source version, OpenSolaris, ensures that the community can keep it alive even if Oracle does not.
BSD, originally created at the University of California in Berkeley is the primary Linux competitor in the server market, with several variants of its own that are similar to the Linux distribution model. Some of the more common include FreeBSD, NetBSD, and OpenBSD. OpenBSD in particular is known for its security-oriented development, and the creators of it are also responsible for OpenSSH, the secure shell server and client. In the coming weeks, we will look at both of these operating systems and see how they stack up against Linux.
Photo Source: Flickr
Tag: bsd, linux, openssh, oracle, solaris, sun, unix
5 Security tips for virtual private servers
There are many security factors you should consider when deploying Linux-based virtual private servers (VPS) on systems such as OpenVZ. Some protect your users and some protect your server as a whole. Here are five steps you can take to make sure your server is secure:
1. Disable the root password on the real server. Users may decide to use root passwords on their VPS systems, but do not make it easy for attackers to get past them to the real system.
2. Create a user designed just for admin tasks and give it “sudo” rights.
3. Create an ssh user to handle any remote logins and an sftp user for uploads to the real server. Disable remote access for all other users.
4. Run OpenSSH on a port other than the default 22. You can use 2222 or something else.
5. Rely on SSH keys for the two secure users and disable clear password authentication.
Photo Source: Flickr
Keep SSH users in their home directories
Since 2008, OpenSSH now has a feature that allows Linux system administrators to keep web hosting clients and other users out of system directories like /etc /bin /var, and others. In the past, admins had to rely on other packages, such as rssh.
The process is called chroot, which essentially creates a virtual file system within the larger Linux file system, limiting individual users to their own small section of the server. They might have an /etc directory, but it will a special one only for that user and not the same as the larger system’s /etc directory. Now, OpenSSH has a configuration option called ChrootDirectory.Now, OpenSSH has a configuration option called ChrootDirectory.
In
/etc/ssh/sshd_config:You need to configure OpenSSH to use its internal SFTP subsystem.
Subsystem sftp internal-sftp
Then, I configured chroot()ing in a match rule.
Match group sftponly
ChrootDirectory /home/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
Read the rest at the Debian Administration website. You can also read the configuration manual simply by typing man sshd_config from the command line.
Source: Debian Administration
Photo: Flickr
Tag: chroot, linux, openssh, rssh, sftp, web hosting
SSH security tips: Part 1
SSH is a great tool to have when you need remote access to a server, and it is naturally more secure than other methods, such as Telnet. Nevertheless, you should still take care to make sure your OpenSSH server is as secure as possible. Here are two tips to get you started:
1. Only use protocol 2. SSH-1 was known to have some security issues. On most servers, it should already be set to two, but it doesn’t hurt to check. Open /etc/ssh/ssh_config and make sure the following line is there:
Protocol 2
2. Allow or Deny specific users. Sometimes, you know exactly who to trust and who not to trust with SSH access. If you do, you can specify those users in your config file. For example, to allow only root, marshall, and bob to have access:
AllowUsers root marshall bob
To deny jake, rene, and xander:
DenyUsers jake rene xander
In part 2, we will discuss some other ways to secure your OpenSSH server. Check back soon.
Tag: openssh, security, server, ssh, web hosting