SSH Login

Able-Towers now uses SSH Login rather than the older, less secure, Telnet and rlogin. Those who feel confident about setting up an SSH client can go straight ahead and download a client for their operating system. However, we strongly ad vise you read some of this page as there is important information specific to using a client with Able-Towers.


Download...

Windows
Redhat Linux RPM
UNIX Source Code


F-Secure...

F-Secure SSH F-Secure SSH has been designed to completely replace your existing terminal applications (Telnet) to provide you with secure encrypted, and authenticated connections to your UNIX host computers.

To install and use F-Secure SSH for Windows, you need a laptop or personal computer, running a Windows operating system, with a 386 or higher microprocessor, a minimum of 4 Megabytes of RAM, and about 3 MB of disk space - quite a low-spec system really. Download.


RSA Authentication...

Able-Towers insist that you setup your client to use RSA key authentication rather than the plain old password system. RSA key authentication is more secure, and much faster. Below is some information on setting up RSA authentication using F-Secure for Windows.

The SSH protocol implements RSA (3-DES) authentication as the strongest means for user authentication. To use RSA authentication you must create an RSA key pair with the help of the F-Secure SSH Key Generation Wizard.

To use F-Secure SSH Key Generation Wizard, you can double-click the F-Secure SSH Wizard icon in the F-Secure SSH program group. The wizard is also started automatically during setup.

Next

RSA Identity File Name Enter the file name you would like to use for your identity files. No file extension is required. The public key file will be distinguished by a .PUB extension. It is recommended that you use the default file name IDENTITY.

Next

Enter a comment for the RSA Identity file. A recommended comment would be your user name and the host name holding the identity files, e.g. "bob@pc1.company.com". A passphrase will be used to protect your RSA Identity file. Enter your passphrase into the Passphrase and Passphrase Confirmation fields. The fields differentiate between uppercase and lowercase letters. The passphrase should not be less than 6 character s long.

Next

Specify the number of bits you would like to be used as the key length for the RSA key pair. 1024 is recommended, key sizes above that do not greatly improve security. The longer the key is the higher the security is, with the drawback that long keys make the RSA authentication process slower. Minimum length is 512 bits.

Next

If you have created a random seed by moving your mouse cursor on top of a random number generation dialog box, go directly to the next step.

Next

Otherwise move your mouse randomly in the dialog box to generate random mouse movements, which will be used to create a random seed for F-Secure SSH's cryptographically strong random number generator.

F-Secure SSH Key Generation Wizard generates two prime numbers, then calculates and tests an RSA key pair to be used as the identity. This can take anything from 1 minute to 15 minutes. Do not reboot your machine even if it does not respond.

Choose Start and then wait for the key generation to finish and press the Next button. F-Secure SSH Key Generation Wizard is now ready to save the identity files, Choose the Finish button to save the RSA Identity.

Finish


Setting Up Your Shell for RSA Encryption...

You will need to follow the steps below to changed from password access to RSA access.

  • Connect to Able-Towers using the password method.

    When you bring up the F-secure client there are two radio buttons PASSWORD or RSA, make sure password is selected. In the password box input your Able-Towers password. Click OK, and you will connect to Able-Towers if your password is correct.

  • Uploading your Authorized_keys for RSA access.

    Once you have connected, open up your local text editor (notepad) and copy the line of the key from identity.pub. Create a directory called .ssh in your home directory, by typing 'mkdir .ssh'. Once created you need to use VI to edit your key file. You can not use pico, due to line wraps.

  • Enter the following 'vi .ssh/authorized_keys'.

    Press i for insert, and then Shift + Insert to paste in your key. It might look like it is wrapped, but it isn't. Then press Esc to quit insert mode. Type in :w and press enter - this will write the file out and finally type :q to quit VI.

  • Set the correct permissions for the .ssh directory and the authorized_keys files.

    type 'chmod 710 .ssh', and press enter. Then type 'chmod 610 .ssh/authorized_keys', followed by enter.

    You will now be able top connect using RSA. Disconnect from Able-Towers and reconnect, but this time select the RSA radio button, and press OK. After a few seconds, if all is well, a box will appear asking for your passphrase you entered during key generation. If this fails, you will be prompted for your password, and your connection will revert to password login. If you did not enter a passphrase during key generation, then it will not ask you for one, and you will be connected straight away.

    If you need any help with this, try asking in the Able-Towers Support Java Chat on UltraNET.

    RSA encrytion help written by Paul Jones.


    Logging Into Able-Towers...

    You can use either the password method, or the RSA authentication method.

    To use the password method: Run your SSH client, set the Host Name to Able-Towers.com, and User Name to your Able-Towers userid. Type in your password in the password box, and then choose OK.

    Connecting Using Password Authentication

    To use the RSA method you must first set up your shell for RSA encrytion. Once that is done, you can login in the same way as password login, but select the RSA radio button. After a few seconds you will be prompted for your passphrase. You will then be logged into Able-Towers.


    Changing Your Able-Towers Password...

    Firstly, login to your Able-Towers shell account using SSH. Once logged in, you need to type 'passwd' - this will prompt you for your current password. One you have typed that in, it will ask for your new password. This password should have capitals, non -capitals, and numbers for security. If your password is too simple then the system will not accept it, and ask for a different one. After accepting your new password, the system will ask for confirmation of that password, just to make sure that you know exactly what you typed in. Your password should now be successfully changed. Remember to logout from your shell by typing 'logout'
    .