2. Getting Secure Shell

This section should give you information on where to pick up different implementations of Secure Shell. Click here for the contents of this section.

2.1. Where is the official Secure Shell distribution and mirror sites?

If you're looking for the official release of Secure Shell, it is listed below. Remember that non-commercial users (Universities, non-profit, and personal use) is free of charge. Otherwise, SSH Secure Shell must be properly licensed.

All official releases are signed, and now you can use DSS/DSA signatures to check for those of us who have to deal with the RSA patents *grumble* *grumble*.

2.1.1 Offical site

The central site for distributing ssh is at SSH Communication Security. The application is available at ftp://ftp.ssh.com/pub/ssh/. If you wish to license SSH Secure Shell for either commercial or university distribution (remember, no cost to universities or non-profit organizations), please go to http://commerce.ssh.com

Information on how to check signatures is available at ftp.ssh.com/pub/ssh/HOWTO-CHECK-SIGNATURES.

Official releases of SSH1 are PGP-signed (RSA only), with the following key ID:
TypeBitsKey IDDateUser ID
RSA1024DCB9AE011995/04/24Ssh distribution key <ylo@cs.hut.fi>
Key fingerprint = C8 90 C8 5A 08 F0 F5 FD 61 AF E6 FF CF D4 29 D9

Official releases of SSH2 are PGP-signed (both RSA and DSA), with the following key IDs *:
TypeBitsKey IDDateUser ID
RSA2048AFCA74591998/07/11Ssh 2 Distribution Key <ssh2@ssh.com>
Key fingerprint = 2A 06 2C 83 F0 A6 72 52 3A 4D 4A FA 20 15 EE 74
DSA102483FB127C2000/06/13Ssh 2 Distribution Key <ssh2@ssh.com>
Key fingerprint = A348 205D F1D8 2297 0A46 D961 ED7B 28CD 83FB 127C

Note: These keys also use the ssh2@ssh.fi address for signing.

2.1.2 Mirrors

Secure Shell is also available via anonymous ftp from the sites listed at http://www.ssh.com/ssh/download.html. Because they are updated regularly, it is too difficult to keep them up to date here.


2.2 How about getting other relatively free versions of Secure Shell?

Here is a list of other implementations Secure Shell clients and servers. The official distribution from SSH Communications Security is not included with these downloads. Please note that they should interoperate with each other; however, this is developer-dependent.

Please note that these distributions may or may not be actively maintained. The owners may not notify people if they are still maintaining the software, and it may or may not work. This information is up here for your information, and if you legally can run the software--to play with it.

If you're looking for a really complete list of Secure Shell clients, take a look at Rick Moen's list at http://linuxmafia.com/pub/linux/security/ssh-clients.

2.2.1 UNIX

Niels M÷ller is developing a GPL'd C implementation of the ssh version 2 protocol. Pick up the latest release (which is currently at 0.9.13) at http://www.net.lut.ac.uk/psst/download.html.

The folks from OpenBSD has also created a free Secure Shell implementation of SSH1 and SSH2. You can find it at http://www.openssh.com/. The ports are available for Linux, Solaris, FreedBSD, and many others.

OpenSSH is part of the base OS for OpenBSD, just as rsh, telnet, ksh, etc are installed. If you download the ftp://ftp.openbsd.org/pub/OpenBSD/2.6/i386/base26.tar.gz you will find that ./usr/bin/ssh is one of the files included. In other words, it is part of the base tarball that everybody on every install gets.

At the end of the install, one has the option of installing the usa based RSA implementation, the international RSA implementation, or no RSA implementation; in this last case, only protocol v2 will be used. (if installed, RSA gets retrieved via ftp to avoid patent problems).

You can also get Bjoern Groenvall's ossh (an older freeware port of SSH1) at ftp://ftp.pdc.kth.se/pub/krypto/ossh/.

2.2.2 Java

There are a couple of different Java implementations of Secure Shell.

2.2.3 Windows

For some reason, a lot of people have created Secure Shell ports to Windows :-). This is the current list of Windows ports. Cedomir Igaly's SSH1 Windows 16 and 32 bit clients are no longer available.

2.2.4 Macintosh

NiftyTelnet 1.1 Secure Shell is Jonas Wallden's implementation of SSH1 for Macintosh. It is available at http://www.lysator.liu.se/~jonasw/freeware.html.

MacSSH is an SSH2 implementation for Mac clients. You can find it at http://www.macssh.com.

2.2.5 OpenVMS

There is David Jones' OpenVMS SSH1 server available at http://www.er6.eng.ohio-state.edu/~jonesd/ssh/. The OpenVMS SSH1 client is done by Christer Weinigel and Richard Levitte and is available at http://www.free.lp.se/fish/.

2.2.6 Handheld devices

The ISAAC group released a version of the SSH1 client for the Palm Pilot, Top Gun ssh 1.2. It's available at http://www.isaac.cs.berkeley.edu/pilot/.

Mov Software has released a port of SSH1 to WindowsCE called sshCE. You can register for beta testing at http://www.movsoftware.com/sshce.htm. Please note that this has been in "late beta testing" for over a year now, so we're not sure if this is actively being worked on.

2.2.7 BeOS

The current BeOS R4 port of SSH1 for Intel and PowerPC platforms is available through Bebits at http://www.bebits.com/app/703. Also, check out the sshLogin client at http://www.bebits.com/app/746.

2.2.8 OS/2

The most current port of the SSH1 client to OS/2 is available at ftp://hobbes.nmsu.edu/pub/os2/apps/internet/telnet/client/ssh-1.2.27-b1.zip, which runs on OS/2 Warp 3+. There is also another Secure Shell program available at ftp://hobbes.nmsu.edu/pub/os2/apps/internet/telnet/client/sshos203.zip; however, we have no idea what it is.

2.2.9 DOS

There's now a port of SSH1 to DOS (yes, Disk Operating System) available at http://www.vein.hu/~nagyd.

2.3 How about getting commerically supported versions of Secure Shell?

There are three current commercial releases of Secure Shell. They are distributed by SSH Communication Security, F-Secure (formally Datafellows), and Van Dyke Software.

2.3.1 SSH Secure Shell

SSH Secure Shell is available from http://www.ssh.com/ssh. The product includes clients for Windows (which integrates secure file transfer in a GUI) and UNIX (which includes a server that allows two simultaneous connetions), and server available for UNIX as well. Please contact SSH Communications Security directly for more information.

2.3.2 Van Dyke Software SecureCRT

SecureCRT is available at http://www.vandyke.com/products/securecrt/. This Secure Shell client runs on Windows platforms and supports the SSH1 and SSH2 protocol. They also have SecureFX, a file transfer product that does FTP tunneling over SSH2. Please contact Van Dyke directly for more information.

2.3.3 F-Secure Tunnel and Terminal

F-Secure Tunnel and Terminal is available at http://www.f-secure.com/products/cryptography/f-sshtt.htm. It runs on UNIX, Windows, and Macintosh. It implements the SSH2 protocol, and does have a command-line scp for Windows. Please contact F-Secure directly for more information.

2.3.4 Appgate Client and Server

Appgate provides a gateway for applications using a centralized database for authentication using Secure Shell. It works on Win16, Win32, UNIX, OS/2, and Macintosh. Go to http://www.appgate.com for more information.

2.3.5 EmTec ZOC

EmTec's ZOC is a terminal emulator that supports Secure Shell. It runs on OS/2 and Windows 32-bit. For more information, please see http://www.emtec.com/zoc/.

| Previous Chapter | | Next Chapter |

| Table of contents of this chapter | | General table of contents | | Beginning of this section |