Welcome, Guest. [ Log In ]
Question   How do I use Telnet or SSH to access my site?
Search KBase


Related Links:
· Do all plans come with Telnet / SSH access?

Top 5 in this Area:
1. How do I use FTP to upload my site?
2. How do I use Telnet or SSH to access my site?
3. How do I set up email on my computer?
4. What's a server?
5. What's a domain name?

 
How do I use Telnet or SSH to access my site?

Telnet is a protocol, like FTP, that allows you to access another computer. However, unlike FTP, Telnet lets you do more than simply upload and download files. You can actually run programs on the other computer, edit your web files using one of many Unix/Linux text editors, and generally do all sorts of powerful stuff with the likes of CGI and Perl. Telnet isn't for everyone, but if your site demands a little extra flexibility, it would be wise to learn how to use Telnet to add more value to it.

We would suggest, however, that you use SSH instead (see below).

Getting Telnet For Your Computer

Telnet programs are very similar, even though some offer features that are missing in others. You may have to look around to find the best one for your needs.

For the Macintosh, we recommend the following Telnet clients:

NiftyTelnet
http://andrew2.andrew.cmu.edu/dist/niftytelnet.html

NCSA Telnet
ftp://ftp.ncsa.uiuc.edu/Mac/Telnet/Telnet2.6

For Microsoft Windows-based PCs, there are several Telnet clients you can choose from. However, Windows actually comes with a very basic telnet client already. You can use it by going under the Start Menu, selecting the 'Run' option, and typing in 'telnet yourdomain.com' (yourdomain.com should be replaced with your actual domain name). Note that this is not available with some very old versions of Windows.

The BeOS also includes basic telnet, which is one of the best command line clients we've seen. It is modeled after the standard telnet client present on most Unix/Linux boxes, and can be run from a command line by typing in 'telnet yourdomain.com' (as in the previous example, yourdomain.com should be replaced with your actual domain name).

SSH?

There is another standard out there that you may find useful known as 'ssh', which stands for 'Secure Shell'. This standard, just like Telnet, allows you to log into another computer. However, it has one added bonus: Security. All ssh clients encrypt whatever travels through the connection in a very secure manner, ensuring that nobody is able to see things such as passwords while in transit from machine to machine. Although we don't require an ssh client to use our servers, we do recommend them to users who are worried about the security of their site. Note that you cannot disable telnet to your domain if you're a shared hosting customer.

You can find links to a number of free SSH clients at:
http://freessh.org/

We would particularly recommend Putty for Windows, and MacSSH for Mac. If you have a Unix or Linux machine, you can SSH from the command line assuming you have SSH installed.

We currently support both version 1 and 2 of the SSH protocol, but we plan to phase out protocol 1 soon. *UPDATE* We HAVE PHASED OUT PROTOCOL 1. USE SSH2 FOR YOUR CONNECTION* We do support sftp and scp.

Important Note for New Accounts:
For security reasons, new users are set up as FTP-only by default. If you want to have shell access for a user, you can turn on SSH for them by going to the Users > Users area of our web panel and clicking the [edit] link for that user!

Last updated: Dec 28, 2004.

User Post (2004-07-28 13:07:27 by halbert)
** This works using the default setup on mac os x (tcsh, BSD)

To generate a secure public/private key pair to log in securely, and without a password (if you want).

from the command line (on your box, not logged into ftp, and replacing "username" and "yourdomain" with yours) type:

ssh-keygen -d

hit enter three times

type:
scp ~/.ssh/id_dsa.pub username@ftp.yourdomain.com:.ssh/authorized_keys2

enter password

type:
ssh username@ftp.yourdomain.com

You're logged in!

much better info at:

http://www.oreillynet.com/pub/a/wireless/2001/11/20/secure_webcam.html
User Post (2004-07-28 13:05:50 by nd)
http://www.macosxhints.com/article.php?story=20010206232018498

how to do a backup (from a mac) automatically... with a little help with ssh, ssh-keygen, and scp.
User Post (2004-07-28 13:04:44 by william)
Here's a little one liner that'll do the trick (for passwordless auth) after you've done the ssh-keygen -d:

ssh target 'test -d .ssh || mkdir -m 0700 .ssh ; cat >> .ssh/authorized_keys && chmod 0600 .ssh/*' < ~/.ssh/id_dsa.pub
User Post (2005-11-22 17:55:40 by hitoriphoto)
Mac OSX:
Okay, let me make this a little clearer for no mistakes for those unfamilliar like me:

To generate a secure public/private key pair to log in securely, and without a password (if you want):

STEP TWO:
(Step one is below for those particularly unfamilliar or having problems with this process.)


At the command line (not logged into ftp) type:

ssh-keygen -d

hit enter three times

Replacing "username" and "yourdomain" with yours,
copy&paste/type:

ssh username@ftp.yourdomain.com 'test -d .ssh || mkdir -m 0700 .ssh ; cat >> .ssh/authorized_keys && chmod 0600 .ssh/*' < ~/.ssh/id_dsa.pub

Press return/enter.

Wait for it to say
Password:

Enter the password of the user who's username you inserted in place of the example USERNAME@ftp.yourdomain.com above.
If it asks you for the password multiple times, type in the same cOrrecT password each time.

STEP THREE:

type:
ssh username@ftp.yourdomain.com

You're logged in!

Now any time you want to log using SSH you can just repeat STEP THREE from the command line (Terminal), no need to repeat the other steps.

If you have any problems with this please see STEP ONE below.



STEP ONE:
[Make sure SSH has been enabled in the Webpanel at dreamhost for the USER which you plan on logging onto your server with. All other uses of USERNAME in these instructions must be with that same username.]

In your applications folder find the utillities folder. Inside the utillities folder find the program TERMINAL and open it (double click! ;P) -a terminal window will open. that is the COMMAND LINE for your computer.
In this window any spaces or mistakes that are typed will effect what happens and usually lead to no result, so make sure to type eveything exactly as it appears or when possible copy and paste, but if that doesn't work look for added or missing spaces. Use the arrow keys to move the cursor back and forth, clicking will do you no good.
User Post (2005-08-12 17:40:52 by drosian)
IMPORTANT NOTE ABOUT grangatchel's GUIDE

By "DH account", grantgatchel means your FTP user name, not your actual dreamhost account name that you use to login to the control panel.

I'm sure this part is obvious for advaced users, but I had no clue and so this little detail set me back about an hour.
User Post (2005-07-14 12:22:01 by grantgatchel)
=== Concise guide to Passwordless Authentication for Windows users ===
For a primer, check out the "Using public keys for SSH authentication" section of PuTTY's user manual (http://the.earth.li/~sgtatham/putty/0.58/htmldoc/Chapter8.html)

= Software =
1) Download and install the "Windows-style installer" from the PuTTY Download Page (http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html)

= Create Keys =
2) Once installed, open the PuTTYgen program and click "Generate" to create a new pair of encryption keys using "SSH-2 RSA" and something like 1024 bits. Move your mouse in a random pattern over the window until the bar fills up to generate some unique randomness for the keys.

3) Make a comment (date, name, whatever helps outwardly identify who/what the key identifies), enter a nice long key phrase to remember, then type it one more time to confirm it. Leaving the passpharase blank WILL NOT PROTECT your private key, though it is still possible to do so.

4) Save your public and private keys somewhere safe; sharing your public key with others is ok (that's what it's for), but DO NOT SHARE YOUR PRIVATE KEY!! The private key identifies you and only you, so keep is somewhere secure.

= Store Keys Locally =
5) Leave the PuTTY Key Generator window open, and start the Pagent program. From your system tray next to the clock, right click on the new icon and click "View Keys", then click the "Add Key" button. Find your PRIVATE key and click open, then enter your passphrase for that key. If all is well so far, you should see your key in the list. If not, try again. Close the "Pagent Key List" window when done.

= Create an SSH session =
6) Right Click on the Pagent icon in the lower corner again, and select "New Session" and enter this information (from bottom up):
Connection > SSH > Auth:
check "Allow agent forwarding"
leave "Private key file for authentication" blank
Connection > Data:
Auto-login username: (whatever your DH username is)
Session:
Host Name: (whatever your web site domain is)
Saved Sessions: (type an appropriate name for this connection)
*Save*: click this button to save all the settings.
*Open*: click this button to connect to the server

= Store Keys Remotely =
7) After opening your saved session, enter your password for your DH account when prompted. You should now be in your home directory. Assuming you've never used SSH before, from the home directory (/home/[username]/) type:
chmod g-w .
chmod g-o .
mkdir .ssh
chmod 0700 .ssh
cd .ssh
The last commands removed group/other writeable permissions for your home directory, created the ".ssh" folder, set permissions on that folder, and finally stepped into it.
Now, go back to the PuTTY Key Generator window that you left open (if you closed it, just restart the PuTTYgen program and load your existing PRIVATE key), highlight and copy all the text in that top box (Ctrl-C).
Return to the session window and type:

echo "[right click to paste the key without these brackets but with the quotes]" > authorized_keys

to store your public key on the server. finally, set the permissions for the file with:
chmod 0600 authorized_keys

= Test your Connection =
Finally, type:
exit
to end the session. If everything went well, all you have to do is right click on the Pagent icon in the system tray, click on your saved session, and you're done!!
User Post (2004-09-10 18:17:58 by devserver)
In Mac OS X, I had to manually create a .ssh directory and chmod it to 700 before scp would upload the authorized_keys2 file.
User Post (2004-08-17 09:20:50 by jam_dan)
Holy crap I didn't think that DH could score any more points with me, then I tried out SHH via PuTTY and logged in to find a quote from SubGenius...... It appears that the charts have no more room left.... Must convert world to DreamHost clients....
User Post (2004-06-13 20:59:23 by ramses0)
make sure that your home directory has correct permissions too. SSH will not allow passwordless login if your permissions on the following directories and files are not up to snuff:

/home/user (must not be group/other writeable... chmod g-w; chmod o-w)
/home/user/.ssh (same story ... that's what the chmod 0700 ~/.ssh from above does)
/home/user/.ssh/authorized_keys (this must bo chmod 0600, as above)

...I had gotten bit by have g+w on my /home/user directory, which causes ssh to flip out. :^)
User Post (2004-06-03 12:00:17 by drkaos)
For the Mac, DreamHost recommends MacSSH, which is a shareware app for OS9. Ick.

If you are using OS X, you can utilize SSH from the commandline or one of several graphical SFTP/SCP clients, my personal favorites being Fugu (http://rsug.itd.umich.edu/software/fugu/) and CyberDuck (http://cyberduck.ch/).
User Post (2003-10-15 15:16:57 by pmocek)
Note that telnet and FTP are inherently insecure and should be avoided. When using either of these services to connect to another machine, everything you type -- including your userid and password -- is sent ``in the clear'' across the network. This makes it possible (though somewhat difficult) for someone to ``listen in'' and gain access to your account without your knowledge.

SSH and scp are *always* preferable to telnet and FTP, because login information, along with all other communications between your local machine and the remote one, is encrypted, preventing anyone from intercepting this sensitive information.
User Post (2003-03-02 19:47:10 by jmaher)
After several failed attempts, the following configuration resulted in successfully utilizing public key authentication using Putty.

1. Using puttygen, create an SSH2RSA key

2. Save your private key (click "Save private key" and provide a path and filename)

3. Copy all of the text within the "Public key for pasting into OpenSSH authorized_keys2 file:" field at the top, and paste it into a text file (e.g., mypubkey.txt). (NOTE: my experience is that using the "Save public key" button will not save the public key in an acceptable format for authentication between DreamHost servers and Putty)

4. If it does not exist, create a .ssh directory in your home directory on the server.

5. If you just created the .ssh directory, change it's permissions to remove the group writable permission by typing the following while in your home directory (i.e., /home/username):

chmod g-w .ssh

6. Use pscp to copy the public key text file to your .ssh directory by typing the following:

pscp c:\your_path\your_public_key.txt username@yourdomain.com:.ssh/authorized_keys

User Post (2003-02-19 18:54:38 by ddyer-bennet)
When setting up RSA authentication, both the .ssh directory and the authorized_keys file must NOT be world-writable. By default, when you create the .ssh directory it *will* be world writable; you must change it.
User Post (2002-10-17 08:33:32 by thequeen)
Mac OS X users should also note that they can access either SSH from with a Terminal window without any additional software by entering:

ssh -l username ftp.domain.com
User Post (2002-09-01 17:46:07 by silentway)
remember, to ssh in:
ssh username@domain.xxx