I've written this small document in an attempt to ease the transition from TELNET and FTP to SSH and SCP.
Steve Zinck (sz@mathstat.dal.ca)
03/25/02

Some background information

Telnet has been the standard protocol for logging into Unix systems for many years now, however due to limitations with its design, namely the fact that it passes everything over the network in plain readable text, together with the exponential growth of the Internet, it is no longer desirable to use Telnet. SSH (Secure SHell) has been developed with security and encryption in mind, and is here to replace Telnet.

Like Telnet, FTP has been around since the development of the TCP/IP Protocol Suite (the communication language that powers the Internet), and also passes all information in plain text. SCP is now available to replace it.

This means that when you log into a remote Unix system via either TELNET or FTP, you can be subject to 'hackers' watching your every move. (Of course, this DOES NOT mean that this has been occuring when you are logging into the network here at Dalhousie, however it IS technically possible)

The SSH and SCP protocols were developed in an attempt to replace the aging and insecure protocols TELNET and FTP respectively. If you use SSH and SCP to log into your Unix account, everything you send across the network - passwords, email you type, etc. - will be encrypted so that hackers will not be able to view your keystrokes. This is all done transparently to the user; nothing will look any different, you are just helping ensure the privacy and integrity of your data.

For this reason, we are STRONGLY ENCOURAGING all users to stop using TELNET and FTP in favor of SSH and SCP.

For more information on using and installing a Windows SSH client, click here.

For more information on using and installing a Windows SCP client, click here.

For more information on passwordless logins with SSH and SCP, click here.

For more information on using SSH and SCP on Unix systems, click here.

(note: ssh and scp are actually drop-in replacements for the r* services such as rlogin and rcp, however 95% of users here use Telnet and FTP, so thats why this document is speaking of telnet and ftp and not rlogin and rcp - they all provide essentially the same service, without the layer of encryption that the SSH suite provides).