SSH (Secure SHell) is a protocol for remotely logging into a machine. Much like Telnet, an SSH client will provide the user with a text session ('shell') on the remote machine. Unlike Telnet, SSH provides an encrypted connection between the client and the server. In practical terms, the difference between using Telnet and SSH is much like the difference between visiting ordinary websites and visiting so-called "secure" websites.
Similarly, SFTP (Secure FTP) is a replacement for FTP which provides an encrypted connection between the client and server for file transfer.
SSH (Secure SHell) and SFTP (Secure File Transfer Protocol) are required to access the ITS Login Service and the ITS Statistics and Computation Service.
To gain access to the Login or SCS machines, you need to send them your uniqname and password. When you connect via Telnet or FTP, you do this in a way that anyone who knows how to eavesdrop can easily read and use your uniqname and password themselves because it was sent in plain text. We are requiring that you use only SSH and SFTP so that your uniqname and password are sent in an encrypted form that will not be easily and instantaneously reusable by an eavesdropper.
Making this change is one way to help to protect your ITS account from being hijacked by 'hackers'.
When logging into a machine in the Login or Statistics and Computation services, you should use SSH.
When transferring files into and out of your IFS space, you should use SFTP, and you should connect to sftp.itd.umich.edu, not to the Login or SCS servers.
Everything you need to start using SSH should either be on your computer already or is available via the U-M Blue Disc website.
For Microsoft Windows (98/NT/2000/XP/Vista), we recommend that you use the Secure Shell client that is available at the U-M Blue Disc website.
Instructions for the use of SSH applications from the Blue Disc are available on the web. Please see the following for instructions on the operation of the SSH Secure Shell client and the SFTP Secure File Transfer client.
Mac OS X comes with SSH installed, and it is usually invoked from a Terminal window by typing one of the following commands. (To run the Terminal application, go to: Applications>Utilities>Terminal)
ssh login.itd.umich.eduor
ssh scs.itd.umich.edu
If your user name on your Mac is different from your uniqname, please use your uniqname as the user name to connect to the Login or SCS machines. To do so, substitute uniqname with your uniqname in the command below:
ssh uniqname@login.itd.umich.edu
The Blue Disc installs an icon that that you can just click to make the connection.
To transfer files under OSX, we recommend that you use the Fugu program, available from the Blue Disc website.
In Mac OSX, a command line alternative for doing secure file transfers is to run scp in a Terminal window. To transfer a file from your Mac to your IFS home directory on the Login machines, type the following command and substitute file with the correct file name and user with your uniqname.
scp file user@sftp.itd.umich.edu:file
Free UNIX-like systems such as Linux, FreeBSD, NetBSD, and (notably) OpenBSD have long benefitted from integrated OpenSSH support. On those machines, users will usually only have to switch from running telnet to running ssh in the command shell and using scp instead of ftp. Users of commercial UNIX variants desiring Secure Shell support are advised to contact their vendor(s).
The SSH Secure Shell installer is available from the U-M Blue Disc website.
Installing the Windows Client:
If your computer is managed by someone else, such as a staff or corporate workstation, please let the tech staff responsible for the computer take care of installing this software. The installer must be run with administrator privileges, and a reboot will be necessary to complete the installation.
Fugu, a graphical SFTP client for Mac OS X, is available via the U-M Blue Disc website.
OSX comes with Terminal, ssh, and scp installed.
General Computing | Contact Us | Computing on Campus | Wolverine Access | University of Michigan
October 19, 2009