Secure Shell

Demonstrate that ssh (secure shell) is installed and working on your
server.  In addition, prove that telnet is turned off.

Telnet and ftp (file transfer protocol) are ancient and honorable
parts of the Internet, but they suffer from an unfortunate deficiency:
they transmit their login passwords in clear text across the network.
What does this mean?  It means that many computers may see the packets
that make up the traffic between two computers.  A packet sniffer is a
computer or program that keeps track of these packets, and may try to
put them together.  Much like eavesdropping on a conversation, the
packet sniffer may discover some secrets that would allow a bad guy to
impersonate you and mess up your system.

SSH encrypts the traffic between two computers.  The encryption is
generally quite good, with the goodness measured in the number of bits
in the key.  128 is a common and good size for a key.  40 is a common
but bad size for a key.  Bigger is better, but also slower to set up.

Your demonstration should prove that you can connect to your computer
using ssh, and to telnet types of activities.  Additionally, your
demonstration should do ftp types of activities, to show that you can
put files onto your server in a secure way.

Under RedHat 7.0, the default appears to be ssh that provides telnet
capabilities, but not ftp capabilities.

When hackers take over a web site, they commonly will deface the
homepage of that web site.  You don't want that to happen to your
server.  If your password gets out, it makes it very easy for that to
happen.  Each time you connect to your server to update your web pages
or CGI scripts, if you connect with normal ftp or normal telnet, you
are passing your password in the clear for all the world to overhear.

For more information on ssh, visit ssh.com or read the manual pages
for ssh ("man ssh" or "info ssh").