SSH -- the big mystery

Back in the day people used 'telnet' this was and unsecure mode of communication with the server was sent in the open. Fastfoward to 2009 where data thieves are everywhere.

Now you probably want to connect to EngSoc from home, and we've turned off telnet access for everyone. We won't turn it back on, so please don't ask. It's okay though, set aside your fears. PuTTY, which is an SSH client, is dead simple and you'll like it better than the crappy telnet client you're using anyways. I can't believe you haven't been using PuTTY all along!

To start, you might be wondering what PuTTY is. You can think of it as a replacement for 'telnet'. You probably are used to using 'telnet' to connect to EngSoc or CHAT or some other host. This has probably done you fine, so you're thinking, "Why should I switch?"

The reasons are two-fold. Firstly, you don't realize it, but whenever you login to EngSoc, or whatever, using 'telnet' you are sending your password over the Internet for all to see. (This is known as 'plain-text'.) This is a Bad Thing (tm) and for obvious reason.

(Incidentally, every time you use FTP the same thing happens. Everyone can see your password! We've turned that off too.)

The second reason is that you are probably using the version of 'telnet' that comes with Windows 9x/NT/2k and it sucks. You see, in the mid-1980's most computers began displaying colour. Have you ever seen any colour in one of your 'telnet' sessions? PuTTY offers you the full colour experience.

Another reason, if you still aren't convinced, is that you have to. If you want to connect from home you need to use some SSH client, be it PuTTY or some other one.

Getting It

The first step is to download PuTTY. Go here and do whatever you have to to get that file onto your machine. Put it some place handy, you'll be using it all the time. Then run the thing. (Double-click on the icon or run it from a command line or do an exec() call or something.)

Using It

You'll be presented with a screen like this:

The hostname you want to connect to will probably be 'engsoc.carleton.ca' or 'engsoc.org' or 'engsoc.com' (HINT: they're all technically the same!). To change your password you will want to connect to 'hops.engsoc.org', otherwise all the above address go to 'lager.engsoc.org'.

UNIX Users (OpenSSH)

If you are using some sort of UNIX, there is no PuTTY client for your system. There is OpenSSH. You can get tarballs from www.openssh.com/portable.html; any OpenBSD mirror should have it. You likely want the portable version if you are not running OpenBSD. I won't cover installing the tarball since there is plenty of documentation on the OpenSSH website for that, I'm sure.

There are RPMs available for RPM-based Linux distributions. OpenSSH actually comes with RedHat 7.0, so that's a good place to look if you run RedHat. Other folks might want to look at: http://www.rpmfind.net/linux/RPM/OByName.html. You might need to grab the OpenSSL RPM as well if you don't have it.

To install the RPMs just do: # rpm -Uvh openss*.rpm

Prince Users

Some of you might want or need to use Prince for SSH connections to EngSoc. If, for example, you connect to Carleton via dialup to one of the CCS modem pools you can telnet to Prince and use SSH to have a semi-secure connection to EngSoc or other hosts. From the shell on Prince you can do:

    {prince:1} ssh -l matt engsoc.org

You can replace 'matt' with your username and 'engsoc.org' with the host you'd like to connect to. If you were wondering, the dash 'l' stands for 'login' (I believe). If it is your first time connecting to a particular host, SSH will ask you if you are sure (because you have to accept its host key). To this you will answer 'yes'. That's y, e, s, and not 'y'. Then you will be prompted for your password. Incidentally, this is the way you'll use SSH on any UNIX system (including EngSoc).

Please note that connecting to Prince via telnet from home and then connecting to EngSoc via SSH totally negates any security benefits we're trying for here!