Check out the new USENIX Web site. 4th Annual Linux Showcase and Conference, Atlanta

Pp. 225–234 of the Proceedings
Next
Available Versions

SSH Port Forwarding

Giles Orr

Jacob Wyatt

16 July, 2000

Secure Shell (a secure replacement for telnet/rsh) allows the securing of normally insecure services such as FTP, POP, SMTP, and VNC. We will discuss basic installation of SSH, including several examples of port forwarding, and you will learn how to apply this excellent security tool for your own purposes.


Table of Contents
Introduction
Available Versions
Basic Use of SSH
Port Forwarding
Forwarding X
Forwarding News
Forwarding FTP
Port Numbers
Forwarding Mail under Windows
Pitfalls
Conclusion
Resources

Introduction

SSH stands for "Secure SHell." SSH is a replacement for telnet, rsh, and rlogin, to allow secure shell access to remote machines over an untrusted network. Telnet was designed at a time when the Internet consisted of a relatively small number of universities, and no one had ever heard of a packet sniffer. Packet sniffers such as sniffit and tcpdump are now relatively common - they have some highly practical uses, but obviously can also be used to collect passwords of those using unencrypted connections on a local network. Even if the password handshaking is encrypted, quite a bit of personal information can be collected watching an unencrypted transaction after the passwords. SSH packets looks like garbage to a packet sniffer.





This paper was originally published in the Proceedings of the 4th Annual Linux Showcase and Conference, Atlanta, October 10-14, 2000, Atlanta, Georgia, USA

Last changed: 8 Sept. 2000 bleu

Papers Index
USENIX home