Telnet/SSH Access
Document Actions
- Overview of SSH
- What restrictions placed on shell access?
- Why do I get a "Permission denied: program not allowed."?
- Do you support Telnet?
- Why can't I FTP from shell?
- Why can't I use the Telnet binary?
- Why can't I use the finger binary?
- Why can't I use the who binary?
- Where can I obtain other SSH client applications?
- Do I have the ability to run an SQL utility (ie, to create/modify tables, fields, etc)?
1. Overview of SSH
SSH (secure shell) is a tool for secure remote login over insecure networks. It provides an encrypted terminal session with strong authentication of both the server and client, using public-key cryptography. The SSH protocol allows a user to connect to a remote host via an encrypted link and once logged into the remote server the user can perform powerful command line tasks. Common tasks include modifying file permissions, using compression utilities (tar and zip), and using editors (such as pico, vi, or emacs) to modify files on the server side.
With SSH access comes a shell. The shell you use simply acts as a layer of communication between the command-line and the Operating System. The command line passes arguments directly to the shell, where they undergo several tests. If successful, the command is passed on to the operating system and the operation is performed.
SSH is a service that runs on port 22 on our servers. Using a SSH client you will type the following to login to your account:
How to SSH:
ssh username@your-domain-name.com
username@your-domain-name.com's password: [type your account password]
While we are at it did you know you can use Secure FTP to transfer your files? It's done like this:
How to SFTP:
sftp username@your-domain-name.com
username@your-domain-name.com's password: [type your account password]
In case you have not figured it out yet, your account administration login and password are required to connect to your account via SSH. This is the same information used to establish your account when you first created your account at ABHost.Net and the same info used to login to the web control panel.
The shell you use is a Bash shell. We have a special shell we use, it has been compiled to work with our servers and allow clients access to commands that are relevant to their user space.
2. What restrictions placed on shell access?
Restrictions are necessary in order to ensure the highest quality of services possible, protecting other clients' information, and reducing any possible violations to our Acceptable Uses Policy.
The first restriction is that all clients are able to access the area of the server that is just your account directory, where you have 2 gigabytes of space. You cannot see or do anything outside of this area, and there is no reason you would ever need to anyway.
The second restriction is that we have limited the commands available to you in the shell to commands that do not compromise the security of the server or other clients accounts. If you find a command that you do not have access to and can show a legitimate need for it, then submit a request to support for review and they will inform you as to the feasibility of implementation of the command.
3. Why do I get a "Permission denied: program not allowed."?
This error is displayed whenever you try to execute a program
(binary) which you are not permitted to use. For example, you would
receive this error when you try to execute ftp, telnet, finger, etc.
While some other providers may allow permission to these executable,
there are valid reasons why we do not permit the use of these programs.
Any command that you try to use during a telnet session that does not
function as you would expect is most likely disabled for security
reasons.
The security, the stability of our service, and the enforcement of our policies are all possible reasons why any program may be denied.
4. Do you support Telnet?
Because telnet is not secure and user passwords can be captured while in transit over the internet, ABHost.Net has elected to stop supporting telnet.
Telnet verses SSH:
When you use telnet your password and everything during your session is passed as plane text for anyone between you and ABHost.Net to see. When you use SSH your entire session is encrypted and is not readable by anyone.
5. Why can't I FTP from shell?
There is no valid reason why clients need access to the ftp binary. Again, this only leads to problems. If you need to use FTP to transfer files from another server to your account at ABHost.Net, first download the files locally to your computer, then FTP them to your account on our system.
We do not allow clients to remotely transfer files via FTP from a server to their account on our web server directly. There are no exceptions to this rule.
6. Why can't I use the telnet binary?
Simply put, there is no justifiable reason for this. If you want to create a telnet session to a different server, simply log out of your shell on our system and log into your desired server. You can also open up a new session from CRT.
Some people like to telnet from a remote host rather than their system directly if they are doing things they know are going to cause problems. Thus, they have a hostname or IP address of another organization (ABHost.Net) rather than their ISP or even their own IP address so it is more difficult to track them down. Therefore, we do not allow the telnet binary
7. Why can't I use the finger binary?
According to Essential System Administration by O'Reilly Associates, this can be a security problem, thought very very minute.
Aside from this reason, there is no valid reason why anyone needs to know who else is logged into a shell on the server.
8. Why can't I use the who binary?
There is no reason a client needs to know who else is logged into a shell on the server or what they are doing in their shell. For this reason, who is denied
9. Where can I obtain other SSH client applications?
FreeSSH.org has a good selection of SSH clients (both free & for pay)
Tucows.com has a very large selection with good reviews of SSH clients.
Shareware.com has a large number of free SSH clients.
Download.com also has a good variety of SSH clients.
10. Do I have the ability to run an SQL utility (ie, to create/modify tables, fields, etc)?
Yes, the sql utility is mysql; you can launch it like this from a telnet session:
/virtual/your-account-name $ mysql -h mysql.abhost.net -u USER-NAME -p
You will be prompted for your password. After which you will receive the following message:
Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is xxxx to server version: 3.22.16a-gamma-log
Type 'help' for help.
If you type help at the prompt.
mysql> help
The following commands are listed.
| MySQL commands: | ||
| help | (\h) | Display this text |
| ? | (\h) | Synonym for `help' |
| clear | (\c) | Clear command |
| connect | (\r) | Reconnect to the server. Optional arguments are db and host |
| edit | (\e) | Edit command with $EDITOR |
| exit | (\) | Exit mysql. Same as quit |
| go | (\g) | Send command to mysql server |
| ego | (\G) | Send command to mysql server; Display result vertically |
| (\p) | print current command | |
| quit | (\q) | Quit mysql |
| rehash | (\#) | Rebuild completion hash |
| status | (\s) | Get status information from the server |
| use | (\u) | Use another database. Takes database name as argument |
Please look at http://www.mysql.com/documentation/index.html for mysql documentation.
(O'Reilly also has a pretty good book on mysql)
