Skip to main content.

Miscreants with technological know-how are becoming more and more prolific these days. While choosing a good password is important, safeguarding that information every time you use it is necessary as well. To this effect, we suggest the use of s/key or ssh for your telnet sessions.

S/key


S/key is a highly secure way to login to user accounts. Even if the remote system is compromised and someone is sniffing your activity (i.e., your keystrokes), they won't be able to steal your password. It's not difficult to set up, and it's very easy to use.

Here's some information to get you started.

S/key requires 2 things. First, you need a program that you use on the computer at which you're sitting. These are available below. You must use it only at the computer in front of you because you will be typing in a secret passphrase. If you are typing into a program you are running on your computer, no one can steal the phrase (unless they're looking over your shoulder at your keystrokes). If you are logged in to a remote system, there is a possibility that someone can steal what you're typing by sniffing the network. Second, you need to set up your account to use skey. A summary of this is below.

Here's a *quick* overview:
  1. Get the s/key calculator from the ftp site.
  2. Login to shell, type "keyinit -s"
    1. "sequence count" is the number of logins before you change your passphrase (more on that later). Enter "99".
    2. Enter new key: hit return.
  3. Paste the string that looks like "99 sh12345" into the skey calculator. Type in a sentence. This will be your passphrase. It can be anything you want - 5 words mimimum, please. E.g. "Lara likes thingz and stuff" or "surfing at inch is phun!". Case matters.
  4. Hit the "calculate" button. Paste the 6 english words into the shell window.
  5. You have just set up an s/key passphrase. To login via s/key in the future, grab the string that looks like "99 sh12345" and paste it into your s/key calculator. Type in your passphrase to generate the response and paste this back into the telnet or ftp window.

Special Notes:

  1. Fetch 3.x users: Fetch automatically detects the s/key login and will generate the appropriate s/key response if used correctly. To do this, simply ftp to ftp.inch.com using your normal username but enter your s/key passphrase in the Password field. That's all it takes!
  2. Just to add some more specific information, you can use s/key to login securely, but the rest of the session could theoretically be sniffed. We're confident that it isn't happening on our network, but if you're connecting from somewhere else (other than a direct connection like a dialup), we can't vouch for their security.

Ssh

Ssh is a different protocol which will give you a terminal on a remote machine. With this, not only is the login encrypted, but the entire session is as well. Thus, even if someone were sniffing your data, they would get only meaningless garbage. With ssh, you should only use it from the actual machine you are typing on. That is, you should not connect to another provider, then ssh to inch from there.

Here are some Windows ssh programs available on the web:

And some Mac ssh programs: