Encrypted login methods
Last revision October 5, 2009
One way to protect data is through encryption. Encryption mathematically converts your data into a form that is not directly readable. The conversion between readable and encrypted data is generally controlled by a password or "shared secret" (sometimes generated automatically). Only a person (or program) that knows the password (or the method to generate the shared secret) can read the encrypted data. Encryption can be useful for files stored on your local computer as well as files that you are transmitting over the network. A hacker who is eavesdropping on the network will not be able to decode passwords and data that are sent over the network in encrypted form.
Kerberos, SSH (stands for Secure Shell), and SSL (stands for Secure Sockets Layer) are protocols that use encryption to protect data being sent over the network. So, for instance, when you type in your password to make a connection to a network server such as sesfs, these protocols can encrypt the password for you before sending it out over the network.
Kerberos is an authentication system originally developed at MIT. It encrypts your communications on the network like the other protocols described here. But Kerberos also adds a secure authentication system that provides a way for computers to verify the identity of users and other computers from a central database, handling your password only on the local computer and never sending it, even in encrypted form, over the network. At Stanford, your Kerberos identity is your SUNet ID.
Kerberos also provides "single sign-on" capabilities. Once your identity has been determined, the Kerberos software stores this information for some length of time in a "ticket" and can automatically provide it to other services that you access. You can "sign-in" once and work for the whole day on that computer without needing to provide your password over and over for various services.
Programs and services need to be specially written to use Kerberos, and the "Kerberos client" authentication software must be installed on the local computer.
Stanford University has standardized on the Kerberos system of authentication to allow many services on different computers to access the same central database of valid accounts. When you use your SUNet ID to log in to a system, you are most likely using Kerberos to send that information. Stanford has tightly integrated Kerberos and the SUNet ID system and provides Kerberos client authentication software for installation on campus computers. Get the Stanford Desktop Tools application for Windows PCs or Mac OS X computers and the Kerberos kit for Unix or Linux systems.
SSH is an open-source software system that is used to create encrypted network connections between programs running on different computers. Unlike Kerberos, it does not use a central authentication database such as your SUNet ID. Instead, if the program on the server computer needs to authenticate you, it must prompt for your username and password. Your password is encrypted by SSH before it is sent over the network. But this is slightly less secure than Kerberos, which never sends your password over the network.
SSH also doesn't provide the convenience of single sign-on. Each program or service you access on a remote computer must prompt for your username and password. Furthermore, those usernames and passwords are specific to that remote computer. You may need to manage many different usernames and passwords if you are connecting via SSH.
The advantage of SSH is that you don't need to rewrite every program or service to include the SSH protocols. Instead, a standard SSH implementation (included on UNIX, Linux, or MacOS X operating systems) can create encrypted communication "tunnels" through which other programs that don't know anything about SSH or encryption can send their passwords and data in a secure manner. This is the preferred method, for example, for using the X Window System remote graphical interface securely.
For personal computers, SSH is generally used in dedicated client programs that manage remote file transfers (also called sftp) and command-line logins only.
Most campus server computers, including sestransfer, support the SSH system for encrypted logins and file transfers. SSH is built in to all modern UNIX and Linux systems, and Stanford has site-licensed SSH client programs that you can install on Macintosh and Windows PCs.
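The tunnel described above, as an added example that is not part of the original page: a small POSIX shell script that builds the ssh local-forwarding command (with the local end bound to 127.0.0.1 so the unencrypted leg never leaves your own machine) and the X11-forwarding login. The user and host names in it are placeholders, not real campus servers.

```shell
#!/bin/sh
# Added example, not from the original page. User/host names are placeholders.
# tunnel_cmd LOCAL_PORT REMOTE_HOST REMOTE_PORT USER@SSHHOST
# Prints the ssh command that listens on 127.0.0.1:LOCAL_PORT and relays each
# connection, inside the encrypted SSH session, to REMOTE_HOST:REMOTE_PORT as
# seen from SSHHOST. Binding to 127.0.0.1 rather than 0.0.0.0 keeps the
# unencrypted local end of the tunnel off the network.
tunnel_cmd() {
    lport="$1"; rhost="$2"; rport="$3"; target="$4"
    for p in "$lport" "$rport"; do
        case "$p" in
            ''|*[!0-9]*) echo "tunnel_cmd: port '$p' is not numeric" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "tunnel_cmd: port $p out of range" >&2; return 1
        fi
    done
    if [ -z "$rhost" ] || [ -z "$target" ]; then
        echo "tunnel_cmd: remote host and user@sshhost are required" >&2; return 1
    fi
    # -N: forward only, no remote shell. Add -f to put it in the background.
    printf 'ssh -N -L 127.0.0.1:%s:%s:%s %s\n' "$lport" "$rhost" "$rport" "$target"
}

# x11_cmd USER@SSHHOST: log in with X11 forwarding so remote graphical
# programs draw on the local display over the same encrypted link. -X uses
# the restricted (untrusted) X11 extension; -Y (trusted) should only be used
# for applications that fail under those restrictions.
x11_cmd() {
    [ -n "$1" ] || return 1
    printf 'ssh -X %s\n' "$1"
}

# Example: a mail client that only speaks plaintext IMAP (port 143) is pointed
# at 127.0.0.1:1143; its password and data then cross the network inside SSH.
main() {
    cmd=$(tunnel_cmd 1143 localhost 143 user@sshhost.example) || return 1
    echo "1. Run:  $cmd"
    echo "2. Configure the IMAP client to use server 127.0.0.1, port 1143"
    echo "3. For remote X programs, run:  $(x11_cmd user@sshhost.example)"
}

main
```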
The SSL protocol (originally developed by Netscape, but now an Internet standard) is a general-purpose protocol for authenticating and encrypting data on the network, but it is primarily used to create secure web sites. It relies upon "certificates" created by a trusted authority (such as VeriSign) to prove that you are connecting to the correct computer. If you've ever bought something online, for example, you've probably been told that you were using a secure web site and noticed that the address uses the protocol type https rather than simple http. For example, the Stanford webmail program uses SSL to encrypt your passwords and data. Restricted web pages on the Stanford and pangea web servers that require your SUNet ID and password also use SSL.
Support for the SSL protocol is embedded in all modern web browsers. You do not need to install any special software to use SSL protected web sites.