Securing Terminal Traffic (OpenSSH)
Terminal traffic, which is typically done with the Telnet or rlogin applications, is probably the riskiest type of cleartext traffic, and is the easiest to fix. FreeBSD comes with a complete SSH (Secure Shell) package designed to supplant Telnet and rlogin, allowing your users to establish a completely encrypted tunnel to your server, protecting their login passwords and any command-line activity from snooping intruders. This is OpenSSH, developed originally for OpenBSD and now incorporated into FreeBSD.
SSH runs on port 22, and it runs as a standalone daemon that spawns off new sshd processes (like Apache does) when new connections come in. To enable the SSH server, add the following line to /etc/rc.conf
Get FreeBSD® Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
