SSH (Secure SHell) is a protocol for remotely logging into a machine. Much like Telnet, an SSH client will provide the user with a text session ("shell") on the remote machine. Unlike Telnet, SSH provides an encrypted connection between the client and the server. In practical terms, the difference between using Telnet and SSH is much like the difference between visiting ordinary websites and visiting so-called "secure" websites.

Similarly, SFTP (Secure FTP) is a replacement for FTP which provides an encrypted connection between the client and server for file transfer.

Secure Access

SSH and SFTP are required to access the ITS Login Service and the ITS Statistics and Computation Service. When transferring files into and out of your AFS space, you should use SFTP, and you should connect to, not to the Login or SCS servers.

To gain access to the Login or SCS machines, you need to send them your uniqname and password. When you connect via Telnet or FTP, you do this in a way that anyone who knows how to eavesdrop can easily read and use your uniqname and password themselves because it was sent in plain text. We are requiring that you use only SSH and SFTP so that your uniqname and password are sent in an encrypted form that will not be easily and instantaneously reusable by an eavesdropper.

Making this change is one way to help to protect your ITS account from being hijacked by "hackers."