SSH (Secure SHell) is a protocol for remotely logging into a machine. Much like Telnet, an SSH client will provide the user with a text session ("shell") on the remote machine. Unlike Telnet, SSH provides an encrypted connection between the client and the server. In practical terms, the difference between using Telnet and SSH is much like the difference between visiting ordinary websites and visiting so-called "secure" websites.
Similarly, SFTP (Secure FTP) is a replacement for FTP which provides an encrypted connection between the client and server for file transfer.
SSH (Secure SHell) and SFTP (Secure File Transfer Protocol) are required to access the ITS Login Service and the ITS Statistics and Computation Service.
To gain access to the Login or SCS machines, you need to send them your uniqname and password. When you connect via Telnet or FTP, you do this in a way that anyone who knows how to eavesdrop can easily read and use your uniqname and password themselves because it was sent in plain text. We are requiring that you use only SSH and SFTP so that your uniqname and password are sent in an encrypted form that will not be easily and instantaneously reusable by an eavesdropper.
Making this change is one way to help to protect your ITS account from being hijacked by "hackers."
When logging into a machine in the Login or Statistics and Computation services, you should use SSH.
When transferring files into and out of your IFS space, you should use SFTP, and you should connect to sftp.itd.umich.edu, not to the Login or SCS servers.
Everything you need to start using SSH should either be on your computer already or is available via the U-M Blue Disc website.
For Microsoft Windows (XP/Vista/7/Server 2003/Server 2008), we recommend that you use PuTTY and WinSCP, available in a bundled installer package at the U-M Blue Disc website.
Instructions for the use of PuTTY and WinSCP from the Blue Disc are available on the web. Please see the following for instructions on the operation of PuTTY client and the WinSCP Secure File Transfer client.
Mac OS X comes with SSH installed, and it is usually invoked from a Terminal window by typing one of the following commands. (To run the Terminal application, go to: Applications>Utilities>Terminal)
ssh login.itd.umich.eduor
ssh scs.itd.umich.edu
If your user name on your Mac is different from your uniqname, please use your uniqname as the user name to connect to the Login or SCS machines. To do so, substitute uniqname with your uniqname in the command below:
ssh uniqname@login.itd.umich.edu
The Blue Disc installs an icon that that you can just click to make the connection.
To transfer files while using Mac OSX, we recommend that you use the Fugu program, available from the U-M Blue Disc website.
In Mac OSX, a command line alternative for doing secure file transfers is to run scp in a Terminal window. To transfer a file from your Mac to your IFS home directory on the Login machines, type the following command and substitute file with the correct file name and user with your uniqname.
scp file user@sftp.itd.umich.edu:file
Free UNIX-like systems such as Linux, FreeBSD, NetBSD, and (notably) OpenBSD have long benefitted from integrated OpenSSH support. On those machines, users will usually only have to switch from running telnet to running ssh in the command shell and using scp instead of ftp. Users of commercial UNIX variants desiring Secure Shell support are advised to contact their vendor(s).
The PuTTY/WinSCP installer is available from the U-M Blue Disc website.
Note: If your computer is managed by someone else, such as a staff or corporate workstation, please let the tech staff responsible for the computer take care of installing this software. The installer must be run with administrator privileges, and a reboot may be necessary to complete the installation.
Fugu, a graphical SFTP client for Mac OS X, is available via the U-M Blue Disc website.
OSX comes with Terminal, ssh and scp installed.
October 13, 2011
© 2012 The Regents of the University of Michigan
