Of all the apps I rely on every day, it's guaranteed that I'll find myself using SSH to access one of my boxes, or a client's web site, or something eles on another machine. SSH is a secure way to access another machine & run programs, but it's so so so so so very much than that. It's one of those awesome apps that repays study, because the more you learn, the more there is to learn. "Getting started with SSH" is a guide to this amazing program that reminds me of a dark ale: it goes down smoothly and gives me what I want, but it leaves me wanting more. In this case, that's a good thing. Want to find out the basics about SSH, and maybe learn one of two new things if ya already know something? Then check "Getting started with SSH" out! (Check out all of our posts on SSH.) ...

According to eWeek SSH Communications, the creators of SSH, came out on the offensive against OpenSSH this week as part of the launch of SSH Tectia 5.0 claiming that OpenSSH is good, but it's not enterprise strength like Tectia: OpenSSH certainly has its place, and we are not competing with them. We truly have a different class of product that is more suitable for business-critical applications. In particular, SSH Communications claims that OpenSSH provides poor sftp and application connectivity support, nevermind that OpenSSH encrypts the vast majority of the world's VPN traffic. Needless to say, the open SSH team was not amused, considering that accoring to their numbers OpenSHH is deployed on 87% of all internet-facing servers, and 92% of servers that provide SSH access. It is also the SSH implementation of choice for router and firewall vendors from Cisco and Foundry to D-Link and Linksys. ...

If you don't use SSH or SFTP, and instead use telnet or FTP, you're asking for it. Big time. FTP & telnet send everything - passwords included - in the clear. Not safe at all. But, even if you use SSH (& it's descendants, SFTP & SCP), there's always more to learn. SSH offers an incredible amount of cool tricks that enable you to do an amazing amount of stuff. If you want to learn more, check out Brian Hatch's series of articles on SSH at SecurityFocus. They're well-written, & Brian definitely knows his stuff. Read 'em, learn 'em, live 'em. SSH Host Key Protection SSH User identities SSH and ssh-agent ...

Holy freakin' mackeral, I've just discovered SSHFS (pathetic of me, I know), and this thing is awesomely cool! Most of you know that you can mount Samba-shared drives using smbfs. In other words, you enable Samba on a machine, share a directory, and then go to another machine & mount that shared directory via smbfs, which makes it appear as though that remote directory is actually directly connected to your machine. Pretty freaking cool, except that (a) you have to have Samba set up, which can be a PITA, and (b) you can't share drives over the Net. But don't despair - now there's a better way. Using SSHFS, if you can ssh into machine BAR from machine FOO, you can mount a directory that's located on BAR and then access it on FOO, as though it was directly connected to FOO. It's super easy to do it - much easier than with Samba - and better still, everything is encrypted! To add icing on the cake, you can set things up in fstab to make the whole process more automated, if you so desire. ...

Most readers will be familiar with PuTTY, the free SSH and Telnet client (with included xterm emulator). Indeed, it's the SSH client of choice for many, particularly those using Windows. You might not be aware it's open source, however. PuTTY is licenced under the MIT licence, a BSD style licence which is compatible with the GPL. If you're developing software that requires Telnet, SFTP, SSH, or SSH authentication clients, the source is worth checking out, and it's available via Subversion. You can use the source in any way you see fit, as long as you retain the copyright notice. Find out more at the PuTTY download page. (Check out all of our posts on ssh.) ...

If you live on the command line like I do, and you find that you're constantly SSHing into machines all over God's green earth, then you really must stop whatever it is you're doin' & go read this little piece on screen. Here's the link - The Antidesktop - but you'll need to scroll down a tiny lil' bit to find the section titled "screen". Basically, screen allows you to have virtual terminal sessions inside one terminal session. Don't know what I'm talkin' about? Read the little article! (Check out all of our posts on SSH, bash, & the command line.) ...

Now this is way cool, & it's a great example of innovation in the open source area. You've probably heard of PuTTY, the open source & free SSH terminal for Windows. Now there's PortaPuTTY, which is PuTTY hacked so that nothing goes in the registry, meaning you can keep a copy on a USB flash drive and use it with any machine. Now that, my friends, is pretty kick ass. That is definitely going on my USB flash drive! (Check out all of our posts on SSH & PuTTY.) ...

A great big "Happy Birthday!" today to Theo and the gang over at OpenBSD. It was 10 years ago today that the security-focused group spun off to start work on the project that has given us OpenSSH, PF, and a constnt crusade for companies to provide harware documentation for everyone. Here's to many more! And as long as we're talking about OpenBSD: OpenBSD 3.8 is scheduled for delivery on Nov. 1st, and they're taking preorders. (see all our posts on OpenBSD) ...

Sometimes we get so familiar with things that we lose sight of just how cool they really are. Konsole, the terminal emulator for KDE, is like that. It's the very first program I open when I boot my Linux box, and the last one I close when I shut down (I use a laptop 98% of the time). At any given time, I'm doing something in Konsole: downloading a file, performing a backup, compiling something, ssh-ing to another box … something. It's a great program that I use all day, but do I really know all of Konsole's little tricks? No. But "Konsole - an overview" can help rectify that. It's short, it's simple, and it's very informative. Want to learn more about your little buddy Konsole? Now you know where to go. ...

There's a lot of great info out on the web & in bookstores about securing your Linux box, but here's a great resource you should definitely take a look at: Werner Puschitz's Securing Linux Production Systems: A Practical Guide to Basic Security in Linux Production Environments. Written for a technical audience (so if you're an absolute noob, you'd better look elsewhere), this lengthy (over 40 printed pages) guide is designed to provide "basic Linux security requirements for production systems that are being audited". Topics covered include passwords, system services, permissions, ssh, & more. You probably already know a lot of the stuff in here, but you'll undoubtedly find some new info as well, so give it a look. (Check out all of our posts on security.) ...

When it comes to digital music players on Linux, much as I love Amarok, I keep returning to XMMS, a (very) oldie but still very goodie. I especially love it because I can control it remotely, from another machine, by using ncxmms, an ncurses frontend for XMMS. To install it, just get the package from your favorite source, or, if you're using Debian, just do apt-get install ncxmms (you may need to add deb http://www.rarewares.org/debian/packages/unstable ./ to your sources.list file first). To use ncxmms, ssh to the machine running the program and start it. To control ncxmms, use tab to move between the directory list, the files list, & the play list. Use Enter to select a song. And use your normal xmms keyboard shortcuts to control playback (z goes back a song, x plays, c pauses, v stops playback, & b skips ahead to the next song. And best of all, it reccognizes - and displays! - ID3 tags. Sweet! PS: Other folks like xcplay, but I've never used it. Anyone got an opinion ...

I'm really proud to announce that my 3rd book is now out & available for purchase: Linux Phrasebook. My first book - Don't Click on the Blue E!: Switching to Firefox - was for general readers (really!) who wanted to learn how to move to and use the fantastic Firefox web browser. I included a lot of great information for more technical users as well, but the focus was your average Joe. My second book - Hacking Knoppix - was for the more advanced user who wanted to take advantage of Knoppix, a version of Linux that runs entirely off of a CD. You don't need to be super-technical to use and enjoy Hacking Knoppix, but the more technical you are, the more you'll enjoy the book. Linux Phrasebook is all about the Linux command line, and it's perfect for both Linux newbies and experienced users. In fact, when I was asked to write the book, I responded, "Write it? I can't wait to buy it!" The idea behind Linux Phrasebook is to give practical examples of Linux commands and their myriad options, with examples for ...

Note: this is not a call for bloggers. I'm not looking for someone to write for this blog. If you want to do that, apply here. This is a call for developers. If you're reading our tech blogs, you probably know someone — or are someone — who works on web applications. We're expanding our Weblogs, Inc. tech team, looking for web developers and technical web designers for full-time positions. The exact skills are less important than these traits: bright, energetic, blog savvy, great communication skills (email, IM and in person), organization and problem solving. I'm not looking to fill a specific role like "MySQL developer". I want to find two or three people who know how to keep this giant blogging platform flying along and contribute to our always-changing stream of web projects. But just so we don't get people expecting to work on something else we don't use, here are some real skills we need: Apache, PHP and MySQL ASP/VBScript, Microsoft ...

Mail from Theo to the list this morning: From: Theo de Raadt To: announce@cvs.openbsd.org Date: Nov 1, 2005 1:30 AM Subject: OpenBSD 3.8 released November 1, 2005 Go and get it!  (Please remember to check the primary mirrors please — thanks) OpenBSD 3.8 RELEASED Nov 1, 2005. We are pleased to announce the official release of OpenBSD 3.8. This is our 18th release on CD-ROM (and 19th via FTP). We remain proud of OpenBSD's record of eight years with only a single remote hole in the default install. As in our previous releases, 3.8 provides significant improvements, including new features, in nearly all areas of the system: ...