4.7. Security Enhanced Communication Tools

As the size and popularity of the Internet has grown, so has the threat from communication interception. Over the years, tools have been developed to encrypt communications as they are transferred over the network.

Red Hat Linux ships with two basic tools that use high-level, public-key-cryptography-based encryption algorithms to protect information as it travels over the network.

• OpenSSH — A free implementation of the SSH protocol for encrypting network communication.

• Gnu Privacy Guard (GPG) — A free implementation of the PGP (Pretty Good Privacy) encryption application for encrypting data.

OpenSSH is a safer way to access a remote machine and replaces older, unencrypted services like telnet and rsh. OpenSSH includes a network service called sshd and three command line client applications:

• ssh — A secure remote console access client.

• scp — A secure remote copy command.

• sftp — A secure pseudo-ftp client that allows interactive file transfer sessions.

It is highly recommended that any remote communication with Linux systems occur using the SSH protocol. For more information about OpenSSH, see the chapter titled OpenSSH in the Red Hat Linux Customization Guide. For more information about the SSH Protocol, see the chapter titled SSH Protocol in the Red Hat Linux Reference Guide.

	Important
	Although the sshd service is inherently secure, the service must be kept up-to-date to prevent security threats. See Chapter 3 Security Updates for more information about this issue.

GPG is a great way to keep private data private. It can be used both to email sensitive data over public networks and to protect sensitive data on hard drives.

For more information about using GPG, see the appendix titled Getting Started with Gnu Privacy Guard in the Red Hat Linux Customization Guide.