Archive for the ‘security’ Category

SSH and Windows

Most security-conscious organizations have replaced telnet with ssh for remote access to Unix machines. While the security benefits are well-known and well-understood, there are several other very good reasons to use ssh instead of telnet, such as the use of ssh keys for authentication instead of passwords. Continue reading

Advertisements

signtree

signtree is a Perl script that takes a list of files and generates detached signatures for each one, using the GnuPG module. If there is already a signature file, then it is verified, and updated if the signature does not match. This is a development tool, not a mass verification tool. Continue reading

ssh-hostfpr

I recently had a need to check the ssh fingerprints of a remote host. ssh-keyscan will do this, but, aggravatingly, doesn’t emit the fingerprint in the same form that the ssh client does. ssh-keygen will display the fingerprint of a host key, but it only works on files. So, I wrote a little shell script, called ssh-hostfpr, that will present the fingerprint of a remote host. It uses ssh-keyscan and ssh-keygen, which should be included with any sane SSH distribution. Continue reading