Slashdot Mirror
SSH-Based Solutions - Looking for Industry Proof?
mcwop asks: "My company's IT department is trying to set up secure FTP with a vendor. It would be set up on a Sun box (not running Solaris 9). I emailed suggesting they look at OpenSSH. The response I received stated that they don't like to use freeware, but only consider industry proven and supported software. I have found one commercial version
at SSH. What other commercial versions are out there (I know Solaris 9 comes with SSH)? But more importantly, what are some commercial successes? What large organizations are implementing SSH?"
Perhaps I'm confused, but isn't OpenSSH a rather well-proven program?
Kein Mitleid für die Mehrheit.
Mac OS X (and X Server) ship with OpenSSH. Those are considered commercial OS's. I bet Solaris 9's SSH is also OpenSSH (don't know for sure though). Sounds like your managers have their heads where the sun doesn't shine.
I'd point them to the Netcraft survey.
More than half the sites with SSH are using OpenSSH.. Tell them to go get a clue instead.
http://www.openssh.org/users.html
Also Nokia's IPSO (on their Checkpoint based firewalls uses openssh.
As you can see Sun uses it. Good enough. I thought so.
Cypherpunks: Civil Liberty Through Complex Mathematics. Those who live by the sword die by the arrow.
I had the exact same situation about 6 months ago. I won, sorta. I simply said our industry is going through hard times right now and using OpenSSH will save your $500k in licensing fees.
We ended up compromising. They wanted vendor software, I wanted free. For the mission critical systems, we chose FSecure (fsecure.com) and for the high-importance and below (to include desktops), we went with OpenSSH.
Worked out well. With FSecure we also purchased Windows clients for the developers and if anything ever happened, they had the support they were looking for the vendor software. With everything else, OpenSSH did the job along with PuTTY on the peasants computers.
I am shocked that people think that SSH (OpenSSH) is not a industry standard. Here is a good client for windows. And of course you can get the server for free here.
~Shane
...use IPSEC based VPN's. Most firewals will do this, just make sure they use a common key exchange method (i.e. don't use anything from Novell)
I've been with my present employer since Oct. of 1999. Every time we have a meeting where we discuss ways to accomplish some task I waited for an opportunity to say, "I could write a shell script to do that" or "We could do that with a Linux box". Early on it always got a big laugh. Then my technical lead started saying, "We could do that with a shell script." Now they're asking questions about using Linux for server consolidation. Some things take time. Patience my young apprentice.
--
As a matter of fact, I am a lawyer. But I play an actor on TV.
SSH, Inc.'s Windows server offering had much better system integration than any of the Windows OpenSSH projects. Granted - this may no longer be the case (last I looked at this issue was over a year ago).
I agree with the poster above. Since when are these mutually exclusive? That people refer to proprietary software as `commercial' is a fault of their logic. Chances are they are already relying in soem way or another on one of the following Open Source applications that are either produced for commercial reasons and have some kind of backing. Oh, did I mention that each of these apps is the markt leader in their field?
I work in a pre-field lab environment, where we make sure all our equipment going onto our network isn't going to blow anything up.
All of my machines are standard with OpenSSH now, and I know that all the new machines coming in are required to have SSH in place of Telnet... and OpenSSH is the defacto standard, although we will accept a commercial implimentation if the vendor provides it.
Anything Sprint PCS provided, though, is OpenSSH. Telnet as been officially "banned" from all new equipment, even if people are breaking this rule (much to my chagrin) on occasion.
This is one of those situations where I've actually been pleasantly surprised by both the commercial (SSH.com) and non-commerical (OpenSSH) products. I've used both, almost interchangeably, and like them both. It's really a toss-up for me.
Some people might point to the recent OpenSSH security holes trying to discredit them, but look at how quick the turnaround on patches was.. amazing.
One thing I did want to point out was the SSH.com Windows client. I really like it. It might not be worth the money, but if you fall into one of the categories where you get a free license (allows university use and non-commercial use according to their website), it's quite good. I especially like the ease in opening additional sessions or secure file transfer, etc. Worth checking out..
(And definitely don't use the TeraTerm SSH client. It's still SSH version 1, and is just a hack on top of TeraTerm... never seemed like the greatest solution to me, even if it did work)