ssh

If you regularly access remote servers using the secure shell (SSH) command in your Mac's Terminal, often you will do so to simply edit a configuration file or two. This is normally done using a Terminal-based text editor such as vi, nano, or emacs; however, even though these programs can be fairly powerful options, often they simply lack in both ease and capability when compared to GUI-based editors like the TextWrangler, a popular and free editor from BareBones software.

Unfortunately being a full GUI application, TextWrangler will not run in the Terminal so you cannot use a remote copy … Read more

If you are familiar with the Unix command line, then the OS X Terminal is a great resource for accessing systems remotely. This can be done with several different protocols, including SSH and Telnet, FTP, and SFTP, as well as several others. Often people who use the Terminal for remote access will have several servers they regularly access, which makes typing the commands and URLs to establish the connection rather redundant.

To make this easier, you have several approaches you can take. The first is to set up a script or shell function that will store the connection information for … Read more

Remote access to a computer system is a convenient option to have, as it can allow you to change settings, get to your files and folders, or otherwise use the system without needing to be immediately in front of it. Being a Unix-like system, Apple has included the popular SSH remote log-in service for administering the system via the command line. However, this service can be used for more than a text-based interface to running commands, and you can use it to create secured FTP connections and similarly mount remote folders on a local system using the SSH filesystem (SSHFS) … Read more

If you are even slightly familiar with the OS X terminal, then SSH (remote log-in) is a great service to have enabled on a system, especially for troubleshooting purposes.

In instances where your display is frozen or blank, or if your system is not accepting input from keyboards, being able to remotely log in and at least run a shutdown command to avoid a hard reset is a beneficial option to have.

Apple makes setting up SSH easy and convenient by just enabling the service in the Sharing system preferences. But even with this ease, sometimes establishing a basic connection … Read more

Apple's sharing services in OS X have included the options for the Mac-native Apple Filing Protocol (AFP), the Windows-native Server Message Block (SMB), and the classic File Transfer Protocol (FTP). These three file-sharing protocols have been useful for compatibility not only with common Mac and Windows machines, but the FTP option has enabled practically any system to transfer files to a Mac. The lack of the ability to enable FTP in the system preferences may seem a bit limiting, but there are ways to get around this and get FTP service back up and running.

Enabling legacy FTP Apple'… Read more

For people who manage remote servers, the use of the secure shell (ssh) Terminal command is quite common, and is very often the only command people use when opening a Terminal window. While you can enter each of your ssh connections (usernames, server, and arguments) for every new Terminal session, this can be a burden if you need to connect to many servers. While Apple's Terminal application has a connection manager option where you can store the addresses of the servers you access, even this can be a bit cumbersome to continually access. One option instead is to implement … Read more

Update, Wednesday at 11:45 a.m. PT: Google has issued a fix that forces the affected Google apps to connect via the secure protocol HTTPS. As long as you update your apps when the fix is pushed out, this public Wi-Fi vulnerability won't affect you. Until then, it's best to use public Wi-Fi with extreme caution or follow the instructions below.

Android phones and tablets running version 2.3.3 and earlier suffer from a calendar and contact information vulnerability on public Wi-Fi networks, according to a new report. However, there are some concrete steps you can take to protect yourself.

Here's how it works. The vulnerability is in the ClientLogin Protocol API, which streamlines how the Google app talks to Google's servers. Applications request access by sending an account name and password via secure connection, and the access is valid for up to two weeks. If the authentication is sent over unencrypted HTTP, an attacker could use network-sniffing software to steal it over a legitimate public network, or spoof the network entirely using a public network with a common name, such as "airport" or "library." While this won't work in Android 2.3.4 or above, including Honeycomb 3.0, that only covers 1 percent of in-use devices.

Of course, the safest solution is to avoid using public, unencrypted Wi-Fi networks by switching to mobile 3G and 4G networks whenever possible. But that's not always an option, especially for Wi-Fi-only tablet owners or those on tight data plans. … Read more

Correction at 5:50 a.m. PDT May 20: The spelling of Kenny Paterson's last name has been corrected.

An underlying flaw in the widely used encryption protocol Open Secure Shell (OpenSSH) has been made public by researchers from the Royal Holloway, University of London.

The flaw, which lies in version 4.7 of OpenSSH on Debian/GNU Linux, allows 32 bits of encrypted text to be rendered in plaintext, according to a research team from the Royal Holloway Information Security Group (ISG).

An attacker has a one in 262,144 chance of success. ISG lead professor Kenny Paterson … Read more

With the release of Mac OS X 10.5.5 on Monday, the Cupertino, Calif., computer company provided patches for almost three dozen software flaws. Some of the fixes are specific to Apple features, such as image processing and Finder. Other fixes are updates to various open-source projects including Bind, ClamAV, OpenSSH, and Ruby.

Version 10.5.5 can be obtained from the Apple Software Downloads page.

ATS This patch affects users of Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.4, and Mac OS X Server v10.5 through v10.5.4. The update addresses the issue in CVE-2008-2305 in which viewing a document containing a maliciously crafted font may lead to arbitrary code execution. Apple credits Chris Ries of Carnegie Mellon University Computing Services for reporting this vulnerability.

BIND This patch affects users of Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.4, and Mac OS X Server v10.5 through v10.5.4. The update upgrades users to BIND version 9.4.2-P2, which addresses performance issues associated with BIND version 9.4.2-P1.

ClamAV This patch affects users of Mac OS X Server v10.4.11 and Mac OS X Server v10.5 through v10.5.4. The update addresses the vulnerabilities detailed within CVE-2008-1100, CVE-2008-1387, CVE-2008-0314, CVE-2008-1833, CVE-2008-1835, CVE-2008-1836, CVE-2008-1837, CVE-2008-2713, and CVE-2008-3215 by updating Mac OS users to ClamAV version 0.93.3.

Directory Services This patch affects users of Mac OS X v10.5 through v10.5.4 and Mac OS X Server v10.5 through v10.5.4. The update addresses the vulnerability detailed in CVE-2008-2329, in which a person with access to the log-in screen may be able to list user names. Apple says an information disclosure issue exists in Log-in Window when it is configured to authenticate users with Active Directory. "By supplying wildcard characters in the user name field, a list of user names from Active Directory may be displayed."

Directory Services II This patch affects users of Mac OS X Server v10.4.11, Mac OS X Server v10.5 through v10.5.4. The update addresses the insecure file operation vulnerability within CVE-2008-2330, in which a local user may obtain the server password if an OpenLDAP system administrator runs slapconfig. … Read more