# Questions about ssh

## mlsfit138

A long time ago, when i was an absolute N00b, just out of curiosity, I telneted, my mandrake box from a friends house.  I have no idea what service in my mandrake install allowed me to do this, but i was able to login as a user!    could it have been ssh?  I thought that it was really cool though, i could access all of my files and stuff.

Now that i have gentoo installed I'm learning a lot more about my system, and i think that it could come in handy if i could access my box from remote windows computers.  

Are remote logins enabled by default?  is ssh the only good means available?  Is ssh accessible thru windows telnet?  if not, what is?  if ssh is not accessible thru windows telnet, what do i have to do to access my computer via ssh from a windows box?  This one is way out there, but i know that X is supposed to be network transparent, so what would happen if i ran startx from a remote shell?

I scanned man ssh, and it had a lot of cool info, but it didn't answer some of my questions, so i'm turning to you guys!    :Wink: 

----------

## BenjyD_UK

Windows telnet doesn't support the SSH protocol. Putty is a good windows SSH client, you can get it here:

http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

You need to have sshd (the ssh daemon) running to allow remote logins. Make sure you have openssh  installed (emerge openssh) on the gentoo box, start the daemon (/etc/init.d/sshd start) and remote logins are enabled.

You can forward X sessions over ssh - look up X forwarding over ssh. You need a local X server running on the client machine as well.

----------

## manywele

Telnet and ssh are not interoperable.  ssh is more secure than telnet.  To use ssh from a windows machine what you are looking for is puTTYhttp://www.putty.nl/.  I hear that you can use it without actually installing it on the windows machine but I've never used it myself.

ssh is the best way to go.  It's not enabled by default, you have to be running sshd (the ssh daemon).  To get it emerge openssh.  As far as X, you can start it remotely but you're just ssh-ing into a shell.  You won't get a full usable X desktop on the machine you are ssh-ing from. If you want that try VNC.

----------

## mlsfit138

awesome!  that already helps a lot.   :Smile: 

by the way, any ideas about what service mandrake may have been running that allowed me to telnet my box?  that would come in pretty handy if someone didn't want me installing programs on their computer.  say if i needed to access files that are at home from school.  they aren't gonna let me install putty, but telnet is already there.

i'm kind of getting the impression that ssh is secure, and whatever service allowed that remote login wasn't.  bummer.  oh well, i doubt anybody would want to hack my box.  nothing worth finding!

----------

## mlsfit138

wow you guys are fast.  i guess you can disregard most of my last message.

 *manywele wrote:*   

> As far as X, you can start it remotely but you're just ssh-ing into a shell. You won't get a full usable X desktop on the machine you are ssh-ing from. If you want that try VNC.

 

a shell would meet my needs, and i'm sure that a remote X desktop would have all kinds of limitations(like speed!)  I'll look into VNC just to satisfy my nerdy needs though. :Laughing: 

thanks.[/quote]

----------

## markkuk

Don't even think of using telnet from outside a secured network! PuTTY doesn't need "installation", it can be run from a floppy.

----------

## MrPyro

The service on Mandrake would have been telnetd. This is available as an ebuild: netkit-telnetd

However, as many have already stated: telnet outside of a secure network is a bad, bad bad, bad bad bad thing. SSH is much better

PuTTY is a wonderful app for windows. It's just an executable file, so no installation is necessary: just download onto the desktop and double-click to bring up a little gui that sets up your session.

----------

## Onion Avenger

From my school's library, I routinely SSH into my computer using putty.  I downloaded just a single executable that runs, not installs.  It's very nice when used with screen.  This way I can start a compilation on my computer from my dorm room, and a few hours later when I'm in the library, I can SSH in and then view my progress, do stuff, start merging something else, etc.

Once all the public access computers were full so I was dinkering around on a kiosk.  I was able to get IE up, and from there I googled for a java-based SSH client I could run from my web browser.  I found one (forgot exactly what it's called but it didn't take long to google for one) , so without even downloading and running an executable, I was able to SSH into my computer.  Very nice.

But I do have a question about X11 forwarding:

I can have Putty forward my ports, but it mentions that it needs an X client running on the computer as well.  The two ones it referrenced were dumb.  Anyone using something better?  Or just VNC?

--Richie, the Onion Avenger

----------

## garn

Just a note as to /why/ telnet is "bad".

When you connect to your box from say school. A packet is sent from the computer you are one, to the switch/hub in the room, to the schools router then through a bunch of other routers then eventually to your computer at home.

With telnet this packet has your username and password in it. With ssh an encryption method is used so only your machines (which has the private key) can decrypt the username/password, so anyone that intercepts it on the way won't have r00t on your box.

Just how easy is it to intercept these packets? Really easy, if your school is using hubs (which it most likely is, they are much cheaper) then anyone in the same room as you could run a packet sniffer and see your traffic. Try out ethereal to experiment with this. It's a useful tool not just for password stealing

----------

## BitJam

If you want to be able to ssh to your Linux box from your friends' windows machines I suggest you check out the  MindTerm Java Applet

You put this on your Linux box running a web server and it allows you to shh to the linux box from any client that is running a browser that supports Java.   There is no need to install any software on the client machine.

I just downloaded it and installed it here.  It just took a few minutes.  Works great with Moz but caused Konq to crash.   Should work with IE.

----------

## Onion Avenger

 *Quote:*   

> If you want to be able to ssh to your Linux box from your friends' windows machines I suggest you check out the  MindTerm Java Applet

 

Yeah!  That's what I was using at the kiosk!  Works swell!

----------

## BitJam

 *Onion Avenger wrote:*   

>  *Quote:*   If you want to be able to ssh to your Linux box from your friends' windows machines I suggest you check out the  MindTerm Java Applet 
> 
> Yeah!  That's what I was using at the kiosk!  Works swell!

 

I hadn't thought of that.  My suggestion was to install the applet on the Linux server ( I used /home/httpd/htdocs/shh/index.html as the page and put the jar file in the same directory).    That way you don't need to do any tinkering on the client.

That was clever of you to be able to use it directly on the client.

----------

## Onion Avenger

 *BitJam wrote:*   

>  *Onion Avenger wrote:*   
> 
> Yeah!  That's what I was using at the kiosk!  Works swell! 
> 
> I hadn't thought of that.  My suggestion was to install the applet on the Linux server ( I used /home/httpd/htdocs/shh/index.html as the page and put the jar file in the same directory).    That way you don't need to do any tinkering on the client.

 

So you have the SSH client AND server on the machine?  Then access the machine via HTTP?  I didn't think of using it that way...that's pretty cool.  

But yeah, I found some site (I think it was some university) that had the MindTerm Java Applet there.

----------

## mlsfit138

that java client sounds perfect.  then i'm not required to install, download, or even carry a disk.  i can do it right for internet explorer.  *evil laughter*  doesn't something seem perverse about that? 

i guess the only security danger would be if somebody installed a keylogger.

----------

## tecknojunky

 *markkuk wrote:*   

> Don't even think of using telnet from outside a secured network! PuTTY doesn't need "installation", it can be run from a floppy.

 Keep in mind that puTTY put entries in the Windows's registry.

----------

