Secure Server Management Report

Janina Sajka janina at afb.net
Mon Oct 1 20:12:39 EDT 2001 

I did not see secure crt on this site. Perhaps it's there and I'm just 
tired of poking around on websites, but I did look.

I will say that it seems there are several clients out there, but they all 
seem to have either the ssh.com or the OpenSSH code at their core.

On Mon, 1 Oct 2001, Dawes, Stephen wrote:

> 
> I have been using secure crt from:
> 
> http://www.core-sdi.com
> 
> This SSH client works well with:
> JFW Versions: 3.70, 3.71, & 4.00.
> 
> Secure CRT is share ware, and I don't remember the licence cost.  The only short coming that I have found with Secure CRT
> is that it does not have an implementation of SCP, which would eliminate the need for secure ftp.
> 
> 
> Stephen Dawes B.A. B.Sc.
> Web Business Office, The City of Calgary
> PHONE:  (403) 268-5527.
> FAX: (403) 268-6423
> E-MAIL ADDRESS:  Stephen.Dawes at gov.calgary.ab.ca
> Internet: http://www.gov.calgary.ab.ca
> 
> 
> > -----Original Message-----
> > From: Janina Sajka [mailto:janina at afb.net]
> > Sent: 2001 October 01 12:41 PM
> > To: Charles Crawford; Matt Campbell; Earlene Hughes
> > Cc: speakup at braille.uwo.ca
> > Subject: Secure Server Management Report
> >
> >
> > Dear Colleagues:
> >
> > This report summarizes my explorations of functionality and
> > accessibility
> > in current SSH clients for Windows. As you will recall, I (and others)
> > have strongly advised against using telnet and ftp for
> > administration of
> > ACB's remote web server simply because these applications are
> > insecure.
> > Rather, SSH is recommended because it provides the same
> > functionality but
> > in a manner where all of the information transmitted across the public
> > Internet has been secured with strong data encryption. This is
> > particularly important for usernames and passwords which
> > allow access to
> > system level functions on this remote server. And, such security
> > precautions have only become more important since the events
> > of September
> > 11 last.
> >
> > Fortunately, the news for ACB is very good. I will point you
> > to a fully
> > accessible and fully featured ftp client with full support
> > for ssh2--the
> > current standard. This should take care of the need to move
> > files back and
> > forth very nicely. The news for command line access isn't
> > quite as good,
> > though it is still not bad. Herewith the details:
> >
> > 1.)   File Transfer Agents
> >
> > There is really only one choice here. CuteFTP Pro 1.0 has
> > absolutely everything ACB needs to manage files on its remote
> > server securely. CuteFTP Pro stands head and shoulders above
> > the competition both on accessibility and on ftp features.
> > It is, unfortunately, not a free software program, but it is
> > very excellent all the way around. Be sure you get CuteFTP
> > Pro 1.0, and not the older CuteFtp 3.5 or 4.0 clients which
> > do NOT support ssh. A free 30 day trial copy can be
> > downloaded from GlobalScape, the manufacturer of CuteFTP Pro at:
> >
> > http://www.globalscape.com/download/index.shtml
> >
> > My second, and very viable, choice for managing these files
> > remotely is the DOS command line utilities that are
> > available in the SSH for Windows 32-bit operating
> > environments client available free of charge to nonprofits at
> >
> >       http://www.ssh.com
> >
> > Regretably, the Windows utilities in this package are only
> > partially accessible. But, they are also only partly as
> > capable as Cute FTP -- lacking such important features as
> > "resume upload." Still, the DOS ports of the unix commands scp
> > and sftp will work very well for anyone who still has good
> > speech access to DOS;
> >
> > 2.)   Terminal Access
> >
> > The options for a good command line on the web server are not
> > as clear as for file management. Fortunately, though,
> > there are very good secure substitutes for telnet, and their
> > accessibility is probably no less than the accessibility
> > for the various telnet clients. Let me explain:
> >
> > Not unlike the circumstances in available telnet clients,
> > available ssh clients range from fully accessible clients to
> > not so accessible ones. And, the reasons for this are
> > substantially the same because, after the connection is made, what
> > telnet presents onscreen is no different than what ssh
> > presents onscreen.
> >
> > So, if you think that telnet is accessible on Windows, you
> > will likely get the same level of accessibility from the
> > SSH Client for Windows available from:
> >
> >       http://www.ssh.com
> >
> > In order to get the same functionality, however, you will
> > likely need to apply whatever set files are associated with
> > your Windows telnet client to this SSH application.
> >
> > If, on the other hand, you are able to run in DOS, you will
> > find the command line version which comes with this
> > application vastly superior. This DOS client simply works
> > with asap or vocal-eyes.
> >
> > CONCLUSIONS
> >
> > The Windows CuteFTP Pro 1.0 client should be used for secure
> > remote file management;
> >
> > The DOS SSH2.EXE client from ssh.com should be used for
> > secure remote terminal access;
> >
> > The telnet server should be removed from the web server;
> >
> > FTP access should be limited to anonymous access only;
> >
> > ADDITIONAL NOTES
> >
> > There is yet another SSH application available on Windows
> > called PuTTY. While it is not as accessible, in my view, as
> > the applications named above, it could be as accessible if a
> > competent programmer were to fix the interface. This is
> > possible because PuTTY is an open source application. The
> > source code, documentation, and current executables for PuTTY
> > can be found at:
> >
> > http://www.chiark.greenend.org.uk/~sgtatham/putty/
> >
> > Respectfully Submitted,
> >
> >
> > --
> >      
> >                               Janina Sajka, Director
> >                               Technology Research and Development
> >                               Governmental Relations Group
> >                               American Foundation for the Blind (AFB)
> >
> > Email: janina at afb.net         Phone: (202) 408-8175
> >
> > Chair, Accessibility SIG
> > Open Electronic Book Forum (OEBF)
> > http://www.openebook.org
> >
> > Will electronic books surpass print books? Read our white paper,
> > Surpassing Gutenberg, at http://www.afb.org/ebook.asp
> >
> > Download a free sample Digital Talking Book edition of Martin Luther
> > King Jr's inspiring "I Have A Dream" speech at
> > http://www.afb.org/mlkweb.asp
> >
> > Learn how to make accessible software at
> > http://www.afb.org/accessapp.asp
> >
> >
> > _______________________________________________
> > Speakup mailing list
> > Speakup at braille.uwo.ca
> > http://speech.braille.uwo.ca/mailman/listinfo/speakup
> >
> 
> _______________________________________________ Speakup mailing list Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
> 

-- 
	
				Janina Sajka, Director
				Technology Research and Development
				Governmental Relations Group
				American Foundation for the Blind (AFB)

Email: janina at afb.net		Phone: (202) 408-8175

Chair, Accessibility SIG
Open Electronic Book Forum (OEBF)
http://www.openebook.org

Will electronic books surpass print books? Read our white paper,
Surpassing Gutenberg, at http://www.afb.org/ebook.asp

Download a free sample Digital Talking Book edition of Martin Luther
King Jr's inspiring "I Have A Dream" speech at
http://www.afb.org/mlkweb.asp

Learn how to make accessible software at
http://www.afb.org/accessapp.asp

More information about the Speakup mailing list