nificant differences exist among them. For example, VShell SSH server offers easy configuration methods to restrict shell access to an SSH client but also allows other SSH options such as SFTP or port forwarding. If SSH needs to be set up for secure file transfer, shell access should probably be restricted. If Vshell is used, this restriction can be set quite easily. On the other hand, OpenSSH does not offer quite the same ease of restricting shell access to users. Similarly, if SSH needs to be set up for remote management to internal servers only, all three SSH servers can be used; however, if remote management needs to be limited to a specific number of machines and ports, VShell and SSH Com- munications’ are probably good choices, since they offer SSH access with port- forwarding restrictions.
If SSH is being deployed in an environment where several different SSH servers exist, OpenSSH is probably a good choice, since it offers the most flex- ibility and interoperability with any other SSH server that may be a different installation.
Your choice of an SSH server is highly dependant on the type of functional- ity required for SSH. Because SSH can be used in a variety of ways, you need to understand the different servers and the specific functionality that each offers.
When deciding on the choice of an SSH server for your organization, it is important to know the business and technical requirements in addition to the different options available with each. While many SSH servers offer similar functionality, many offer features that might not be present in others. For example, if your SSH architecture is being used for terminal access, port for- warding, SFTP, or all of the above, different SSH servers have strengths and weaknesses that should influence your decision.
In this chapter, I have described in detail the various options available in each SSH server and use this information throughout the rest of this book to highlight the strengths and weakness of the SSH servers. This approach will not only help you understand the features of the SSH servers, but will also allow you to make an informed decision when choosing a server.
Chapter 1 of this book has covered the basics of SSH (namely, the deploy- ment of SSH servers), and Chapter 2 has covered the detailed descriptions of SSH servers themselves. The next chapter focuses on SSH clients.
87
Many SSH clients provide different types of functionality and usage. The list of SSH clients includes freeware, downloadable easily from the information superhighway; noncommercial freeware, available for all development and learning environments; and pay commercial clients, used only for commercial use and commercial development. While there may be several SSH clients that can be used for various operating systems, all SSH clients are not created equal. The type of SSH client you use can significantly affect the type of SSH experience you have. For example, several SSH clients do not have built-in SFTP or SCP functionality. The absence of such functionality requires you to download and use two separate tools: one for SSH usage and one for SFTP/SCP usage. Although using two tools may be simple enough, the cum- bersome process might discourage novice users. The SSH clients that provide built-in SFTP/SCP functionality might offer you a superior SSH experience.
This chapter explores several SSH clients available for Unix and Windows. Also, the configuration of various SSH clients and customization for optimal usage is discussed. The following clients are the focus of this chapter:
Command-Line SSH Clients ■■ Secure Shell Communications ■■ OpenSSH
The discussion of SSH clients in this chapter, and throughout this book, is limited to the major ones. Keep in mind that there are many other types of SSH clients, very similar to and as good as the ones covered here. For example, F-Secure’s SSH client and SSH Communications’ SSH client are extremely similar.
Although many of the SSH clients discussed in this chapter offer similar functionality, there are various subtle differences among them. For example, SSH Communications’ SSH client offers an integrated SFTP client that can be used in a seamless fashion. On the other hand, SecureCRT does not provide a fully integrated tool for SFTP in its SecureCRT SSH client; however, Secure- CRT does contain an HTTP proxy tunnel that is very easily configurable but not so simple on SSH Commutations’ SSH client. Furthermore, MindTerm’s FTP-to-SFTP bridging capability provides an easy method for connecting non- SSH enabled clients to gain access to an SFTP server. Despite the fact that the connection from the FTP client to the SFTP client is still insecure, the connec- tion from the SFTP server to SFTP client is still secure, which might be the only connection used over an insecure network such as the Internet.
Your choice of an SSH client is highly dependant on the type of functional- ity required for SSH. Since SSH can be used in a variety of ways, it is important to understand the various clients and the specific functionality that each offers. This chapter will allow your SSH-client decision to be as informed as possible. For example, if SSH is being deployed primarily for its file-transfer capabili- ties, WinSCP and SSH Communications’ SSH clients are probably good choices. On the other hand, if SSH is being deployed for remote shell access via an HTTP proxy server, the SecureCRT and PuTTY clients are probably good choices. Lastly, if SSH is being deployed for remote access from undefined and uncontrolled terminal locations, MindTerm is probably a good choice, since it offers SSH access with the need of only a Web browser.
The SSH client you choose does not have to be based exclusively on techni- cal capabilities; personal preference is important as well. While there may be many differences among SSH clients, their basic principle is the same: encrypted communication.