AUSTIN, Texas -- Pragma Systems' SecureShell 2000 brings the world's first Secure Shell Server capability to Windows NT and Windows 2000. Secure Shell (SSH) is a de-facto industry standard for remote access of systems over a secure connection using strong cryptography. A serious problem with current popular tools like telnet and ftp is that they transfer password and data unencrypted in the net thus compromising security. As a result, most secure UNIX and LINUX systems are managed over ssh sessions which encrypts password and all data exchanges. With Pragma"s Secure Shell 2000 product, Windows NT and Windows 2000 systems can now be managed over secure ssh sessions just like high end UNIX or LINUX systems are. Use of SecureShell virtually eliminates the risk of remote management as all session data are encrypted using strong ciphers with keys exchanged dynamically using RSA public key algorithms.
"Remote access of systems is one of the most common tasks performed by most professionals and IT staff. It is very rare in these days of the internet for one to work with one local computer alone. Quite frequently, one has to login into another machine and start some task or monitor the progress of some tasks started earlier. This other computer could be in the next room or in the next continent," said Quamrul Islam, president of Pragma Systems, Inc.
The Internet and TCP/IP standard for doing the remote access are one of telnet, rsh, rexec or rlogin. But the flaws in them are that they are not secure as the password is sent in clear text and data is not encrypted. A hacker can simply sniff the data exchanges and pick the password up or look at data that may be sensitive. Secure shell puts an end to all of these security flaws. It introduces a single client (ssh) and a single server (sshd), which can authenticate users based on any of the means used in telnet(password), rsh, rexec(password) and rlogin. It does these securely by establishing a secure channel using public key cryptography and strong encryption. Once a secure channel is established, credentials like password and data can be sent without worry as they are all encrypted. Additionally, new authentication means like RSA/X.509 certificate, kerberos based schemes can be supported allowing even greater security in the system overall using Secure Shell. Further, with port forwarding feature of Secure Shell, software VPN tunnel is established between the ssh client and sshd server node over which non-secured TCP/IP applications like SMTP, POP, Telnet, ftp, X-windows, etc. can be run making them run securely without any change! All these capabilities make the users" task easy and secured when Secure Shell is introduced in an organization. User"s can do the task they are used to, but do it with a proven cryptographic secured way.
Secure Shell is designed in TCP/IP client-server model. The Secure Shell Server (sshd) runs as a daemon in UNIX and as a service in Windows NT/2000, and listens for connection from ssh clients on TCP port 22. A Secure Shell Client (ssh) is run to connect to a given sshd server identified by the host name of the sshd server machine. The client and server exchange RSA certificates to identify each other and then establish a shared secret key dynamically and securely using RSA public key encryption. The new shared secret key is then used for encrypting all future data between the ssh and sshd nodes during that session. At this stage, since a secure pathway exists, password or other authentication information can be transferred safely for user authentication.
Once the user authentication is done, the sshd server typically provides the command shell of the operating system to the ssh client. Ssh client can type any command into this shell and get its output interactively. All input and output data are encrypted and optionally compressed during transit on the network. The session ends when a shell terminating command like "exit" or "logout" is typed on the ssh client. Thus ssh access works very much like telnet access. If you have used telnet, rsh, rexec or rlogin, you will be at ease using ssh.
Another important use of Secure Shell is to use an ssh-sshd session as a secure tunnel to pass data from non-secure protocols like SMTP, POP, FTP, etc. to make them run secure without any change. In this case ports of the protocols to be protected are forwarded via proxy and listed when a ssh session is started. In the command line of ssh, -L option is used to list protocol ports to be forwarded.
Secure Shell standard was created in 1995 by SSH Communications Security Ltd. of Finland. It is a widely used standard and available in most UNIX platforms for both clients and servers. Ssh clients are available for most operating systems including Windows 2000/NT/98/95/3.x and Macintosh. What was lacking was a Secure Shell server for Windows NT/2000 which Pragma Systems now brings to the market.
Pragma SecureShell 2000 is US$999.
For more information contact Pragma Systems, Inc, 13706 Research Blvd. Suite 301, Austin, TX. 78750, or call (512) 219-7270; fax (512 )219-7110; email: pragma@pragmasys.com;
Download a FREE fully functional evaluation copy by visiting our web page at http://www.pragmasys.com
###