The Secure Shell (SSH) Frequently Asked Questions
0.
Meta-info
0.1. Where can I get this document?
0.2. Who maintains this document?
0.3. Where do I send questions, additions, corrections etc. about this document?
0.4. Revision history
0.5. Legalese
0.6. Credits
1.
About Secure Shell (SSH)
1.1. What is Secure Shell (SSH)?
1.2. How widespread is its use?
1.3. What protocols does it use?
1.4. What encryption algorithms does SSH use?
1.5. How does SSH authenticate?
1.6. What does SSH protect against?
1.7. What doens't SSH protect against?
1.8. What is the difference between SSH1 and SSH2?
1.9. Who maintains SSH?
1.10. Can I run SSH legally?
1.10.1. Licensing
1.10.2. Cryptography laws
1.10.3. Patents on cryptographic algorithms
1.11. What operating systems does SSH run on?
1.12. Shouldn't I be using only SSH2?
2.
Getting SSH
2.1. Where is the official SSH distribution and mirror sites?
2.1.1. Official Site
2.1.2. Mirrors
2.2. How about getting other relatively free versions of SSH?
2.2.1. UNIX
2.2.2. Java
2.2.3. Windows
2.2.4. Macintosh
2.2.5. OpenVMS
2.2.6. Handheld devices
2.2.7. BeOS
2.2.8. OS/2
2.3. How about getting commerically supported versions of SSH?
2.3.1. SSH Secure Shell
2.3.2. Van Dyke Software SecureCRT
2.3.3. F-Secure Tunnel and Terminal
3.
Installing SSH
3.1. What is the latest version of SSH?
3.2. How do I install SSH?
3.3. Does it make sense to install SSH as a non-root user on UNIX?
3.4. Where do I get pre-compiled binaries for SSH?
4.
Running SSH
4.1. How do I run SSH1?
4.1.1. ssh1
4.1.2. scp1
4.1.3. sshd1
4.1.4. ssh-agent1
4.1.5. ssh-add1
4.2. How do I run SSH2?
4.2.1. ssh2
4.2.2. scp2
4.2.3. sshd2
4.2.4. ssh-agent2
4.2.5. ssh-add2
4.2.6. sftp2
4.3. How do I administer SSH after I have the daemon running?
5.
SSH and other applications
5.1. Can I run backups over ssh?
5.2. Can I use ssh to communicate across a firewall?
5.3. Can I use rdist or rsync with ssh?
5.4. Can I use ssh to securely connect two subnets across the Internet?
5.5. Can I use ssh to securely forward UDP-based services, such as NFS or NIS?
5.6. Can I use ssh to protect services like ftp or POP?
5.7. Can I use ssh across a Socks firewall?
5.8. Is there ssh support for AFS/Kerberos?
5.9. Can I use TCP wrappers for added security on SSH?
5.10. How do I tunnel X through SSH?
5.11 Can I forward SGI GL connections over ssh?
5.12 Does SSH support digital certificates?
5.13 Does SSH work with PGP keys?
6.
Patches for SSH
6.1. Applying patches for SSH
6.2. Official patch distribution from SSH Communications Security
6.3. Other patch distributions
7.
Troubleshooting SSH
7.1. Common compiling problems
7.1.1. Compiling fails with some error messages from the assembler.
7.1.2. The
configure
process cannot find xauth!
7.2. General troubleshooting tips
7.2.1. Ssh is doing wrong things for multi-homed hosts!
7.2.2. Ssh asks me for passwords despite .rhosts!
7.2.3. Why does ssh loop with "Secure connection refused'?
7.2.4. ssh hangs when forwarding multiple TCP connections.
7.2.5. I still see cleartext packages on the net when I run ssh!
7.2.6. I have problems with RSAREF, something to do with too many bits!
7.2.7. Connections are forwarded as root by ssh!
7.3. X11 Forwarding problems
7.3.1 ssh otherhosh xclient & does not work
7.3.2 ssh-agent does not work with rxvt!
7.3.3 X authorization always fails.
7.3.4 What does Warning: remote host denied X11 forwarding mean?
7.4. Linux
7.4.1 X11 forwarding does not work for an SCO binary with the iBCS2 emulator under Linux.
7.4.2 On Linux, compilation aborts with some error message about libc.so.4
7.5. Solaris
7.5.1 Compiling with Solaris 2.5 fails!
7.5.2 Ssh fails with "Resource temporarily unavailable" for Solaris
7.5.3 Sshd hangs under Solaris 2.5!
7.5.4 ssh-keygen dumps core on Solaris or SunOS
7.6. Other operating systems
7.6.1 ssh-keygen dumps core on Alpha OSF!
7.6.2 On HP-UX 9, X authorization sometimes fails.
7.6.3 Userid swapping is broken under AIX!
8.
Getting support for SSH
8.1. Who provides support for SSH?
8.1.1. What groups can help me with the "free" versions?
8.1.2. How can I get commercial support for UNIX SSH?
8.2. So, I'm confused. If Datafellows sells Secure Shell, what does SSH Communications Security do?
8.3. SSH Mailing list
8.4. Tutorials
8.5. Web pages
8.6. Publications
9.
The ever-popular miscellaneous section
9.1. Should I turn encryption off, for performance reasons?
9.2. Known security bugs with SSH
9.3. I don't like the commercial aspects of SSH.
9.4. Making SSH more transparent to users
9.5. Alternatives to SSH
Last updated: 17 November 1999. Maintainers -
anne@ipsec.com
and
satch@employees.org