Topic: SSH client on Mac

[Paul]

Hello all.  I am just learning about ssh.  

1. When I log in using NiftyTelnet ssh I get an open padlock at the bottom left of my screen which I believe indicates an unsecure session.  I have obviously left something out.

2. Here is the process I used to get this far.

Install ssh rpms as indicated in http://e-smith.made-to-order.net/article.php3

The e-smith part of the install went really smooth.  However I don't understand what if anything I need to do with the identification and public key data.


Use ssh on a Mac with e-smith
   get NiftyTelnet 1.1 SSH r3 from internet
      http://www.lysator.liu.se/~jonasw/freeware/niftyssh/
   get and install Compact Pro 1.51
      http://www.ensky.com/unzip.html#comp.cpt
   using Compact Pro, open niftytelnet-1.1-ssh-r3.cpt
      Edit | Select All
      Archive | Extract
   Open Nifty Telnet
      Shortcuts | Edit Shortcuts | Edit Shortcuts
         Shortcut Name: e-smith server
         Host Name: 192.168.1.1
         User Name: root
        Open e-smith server
      provide password

open padlock shows
----

3. FYI as of Sept 6, 2000 it is now legal to use RSA's algorithm in the US and you can get a free RSA algorithm T-shirt while they last!!
      http://www.rsasecurity.com/total-solution/shirt.html


This just keeps getting better and better!

[Charlie Brady]

Paul wrote:

> Hello all.  I am just learning about ssh.
...
> The e-smith part of the install went really smooth.  However I
> don't understand what if anything I need to do with the
> identification and public key data.

You will find good information about SSH and its use at various sites on the Internet.

> User Name: root

SSH on the e-smith server is configured to disallow root login. This may be the cause of your problem. Configure your personal account to have an interactive login shell, and use that login.

Regards

Charlie

[Dan Brown]

Charlie Brady wrote:

> SSH on the e-smith server is configured to disallow root login.

    Really?  I haven't had any trouble with it, and I don't think I've changed anything.  I'm using the e-smith-openssh-0.5-4 RPM; has this been changed in a later version?

[Charlie Brady]

Dan Brown wrote:

> Charlie Brady wrote:
>
> > SSH on the e-smith server is configured to disallow root
> login.
>
> Really?  I haven't had any trouble with it, and I don't think
> I've changed anything.  I'm using the e-smith-openssh-0.5-4
> RPM; has this been changed in a later version?

I don't know, you'd have to check the source. It's certainly that way now - and that's how it should be. You don't want to have the whole internet banging away on your ssh daemon, trying to guess the root password.

Charlie

[Paul]

I am now connecting with ssh just fine thank you.  

For the benefit of other Mac folk, here is what I did.

1. I added a user 'scott'.  Then by searching General Discussion forum for "ssh brady" I was able to determine that:

/usr/bin/chsh -s /bin/sh scott

would allow 'scott' shell access.

But the connection still showed the padlock icon in the lower left corner!  I then discovered that there are 4 protocol options [Telnet | SSH-DES | SSH-3DES | BLOWFISH ] available for Nifty-Telnet ssh. I was using Telnet!

I tried all other options.  Each opened a terminal window and then poof! It would disappear.  

Meanwhile, I had problems with another network application on my iMac.  I reinstalled my Mac OS 8.5 system tonight and voila!  When I opened a ssh terminal session NiftyTelnet asked me to accept a public key.  It works with SSH-DES or Blowfish. E-smith apparently doesn't accept SSH-3DES but I am sooo.. happy.


Thanks Charlie!

[Charlie Brady]

Paul wrote:

> E-smith apparently doesn't accept SSH-3DES

Ummm, it sure does ... I'm using it now.

> but I am sooo.. happy.

I'm glad to hear it.

Charlie

[Paul]

You are right (as usual) Charlie!  

I tried SSH-3DES again and it worked!  I continue to have reliability problems with my iMac system. When she is good, she is very, very good.  But when she is bad...

The ability to have ssh for remote administration really opens up possibilities for me.

Thanks again e-smith for a terrific product!