Legal Notices | Privacy Policy
Site Map | Refund Policy
Copyright © 1995 -
VanDyke Software, Inc.
All rights reserved.
|
Security Benefits
The Secure Shell protocol provides four basic security benefits:
- User Authentication
- Host Authentication
- Data Encryption
- Data Integrity
User Authentication
Authentication, also referred to as user identity, is the means
by which a system verifies that access is only given to intended
users and denied to anyone else. Many authentication methods are
currently in use, ranging from familiar typed passwords to more
robust security mechanisms. Most Secure Shell implementations include
password and public key authentication methods but others (e.g.
kerberos, NTLM, and keyboard-interactive) are also available. The
Secure Shell protocol's flexibility allows new authentication methods
to be incorporated into the system as they become available.
Password Authentication
Passwords, in combination with a username, are a popular way to
tell another computer that you are who you claim to be. If the username
and password given at authentication match the username and password
stored on a remote system, you are authenticated and allowed access.
Some protocols like FTP and Telnet send usernames and passwords
as easily visible ASCII text "in the clear" allowing anyone
with a sniffer program to easily capture them and then gain access
to the system (see Eavesdropping
for more details). Secure Shell safeguards against this attack by
encrypting all data, including usernames and passwords, before transmission.
Although passwords are convenient, requiring no additional configuration
or setup for your users, they are inherently vulnerable in that
they can be guessed, and anyone who can guess your password can
get into your system (see the Need
for Policy section for more details). Due to these vulnerabilities,
it is recommended that you combine or replace password authentication
with another method like public key.
|
