Helsinki, Finland -
January 24, 2006
SSH Tectia Newsletter Vol.19 - Secure Shell Reaches Proposed Standard Status
SSH Communications Security >> http://www.ssh.com
======================================================
[ SSH TECTIA NEWSLETTER (VOLUME 19) ] < January 24, 2006 >
======================================================
* Product News - Secure Shell Reaches Proposed Standard Status in the IETF
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The Secure Shell protocol specifications that are the basis for SSH Tectia solution have reached Proposed Standard status within the IETF* standardization process and were published as RFC documents. The seven new Proposed Standard RFC documents are RFC 4250 - 4256.
Secure Shell was originally developed in 1995 by Tatu Ylonen, the founder of SSH Communications Security, to overcome the security risks of sending and receiving plaintext data and to provide a secure means of replacing Telnet, FTP, and Unix r-series programs. Later that year, after receiving multiple requests for a feature-rich commercial version, Tatu Ylonen developed what is known today as Secure Shell. Today, Secure Shell is the de-facto standard used by millions worldwide for secure server administration, secure file transfer, and secure application connectivity. The recently received IETF standard status will ensure that solutions based on Secure Shell will be interoperable and standards-compliant also in the future.
*The IETF (Internet Engineering Task Force) is an international body that governs the Internet standardization process and publication of standards. Receiving a Proposed Standard status is a significant milestone for the Secure Shell technology, ensuring interoperability between implementations from multiple vendors and providing a basis for seamless product compliance. Internet Protocol (IP), Transmission Control Protocol (TCP), and Hypertext Transmission Protocol (HTTP) are among the fundamental Internet protocol specifications, where IETF standardization has also played a key role in technology adoption and interoperability.
* Company News - SSH Signs Multi-Year Agreements with Three Major Enterprises
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SSH Communications Security Corp has signed multi-year frame agreements for enterprise-wide use of SSH Tectia products with three major corporations, two US financial sector leaders and a leading European software company. The first-phase deliveries will secure system administration connections in the very large IT infrastructure of these customers. SSH Tectia Manager enables such enterprise-wide scalability.
The multi-year agreements also include annual fees for continuous software maintenance and technical support services for the licensed products, as well as provisions for adding other SSH Tectia products for secure file transfers, application connectivity, and secure IBM mainframe connectivity for additional license fees.
* Tips & Tricks: Keyboard-Interactive Authentication Method
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The keyboard-interactive authentication method defined in the RFC 4256 "Generic Message Exchange Authentication For The Secure Shell Protocol (SSH)" has been supported as of SSH Secure Shell version 3.2 and is enabled by default in SSH Tectia Client. This gives the administrator of SSH Tectia Server an option to easily change the actual authentication method, for example from operating system password to RADIUS password, without the need to change the configuration on the client side.
Also other Secure Shell implementations support RFC 4256. For example in OpenSSH, this authentication method is called Challenge-Response.
In SSH Tectia Server 5.x, there are several authentication methods that can be configured as keyboard-interactive submethods including RSA SecurID. With Pluggable Authentication Modules (PAM) on Unix, all methods where the user can enter all required authentication data via the keyboard can be configured as keyboard-interactive.
For more information, please see Section "5.8 User Authentication with Keyboard-Interactive" in "SSH Tectia Server (A/F/T) 5.0 Administrator Manual".
The user documentation and other public documentation for SSH Tectia products are available at the SSH Resource Center at http://www.ssh.com/resources/. Under 'User documentation', select
'Manuals' or search documentation by product and version.
* Most Popular Documents Available at SSH Resource Center
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
**White Paper: Protecting Cardholder Data in Transit with SSH Tectia
http://www.ssh.com/campaign/pci/newsletter.html
**White Paper: Replacing FTP and Telnet in Cross-Platform Networks
http://www.ssh.com/campaign/ftpwp/newsletter.html
**White Paper: SSH Tectia for IBM Mainframes
http://www.ssh.com/resources/mainframewp-download.mpl
* Trade Shows & Events
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Upcoming events:
* SSH Headlines
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
January 9, 2006
Secure Shell Reaches Proposed Standard Status in the IETF
http://www.ssh.com/company/newsroom/article/700/
December 21, 2005
SSH Signs Multi-year Agreements with Three Major Enterprises
http://www.ssh.com/company/newsroom/article/696/
======================================================
# SSH Tectia Newsletter Mailing List #
------------------------------------------------------
This e-mail has been sent to evaluators of SSH products and others who have been in contact with us in the past and who have agreed that we send you the SSH Tectia Newsletter.
To unsubscribe from the mailing list, send a blank e-mail to from the e-mail account you wish to unsubscribe , or visit http://www.ssh.com/company/newsroom/unsubscribe.mpl.
# SSH Security & Release Alert Mailing List #
-------------------------------------------------------
If you would like to receive security alerts and notices about new version releases of SSH products, please subscribe to SSH Security & Release Alert mailing list at http://www.ssh.com/company/newsroom/subscribe.mpl.
=======================================================
Sincerely,
SSH Communications Security >> http://www.ssh.com
======================================================
[ SSH TECTIA NEWSLETTER (VOLUME 19) ] < January 24, 2006 >
======================================================
- Product News - Secure Shell Reaches Proposed Standard Status
- Company News - SSH Signs Multi-Year Agreements
- Tips & Tricks
- Most Popular Documents at SSH Resource Center
- Trade Shows & Events
- SSH Headlines
- Subscribing & Unsubscribing to Mailing Lists
* Product News - Secure Shell Reaches Proposed Standard Status in the IETF
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The Secure Shell protocol specifications that are the basis for SSH Tectia solution have reached Proposed Standard status within the IETF* standardization process and were published as RFC documents. The seven new Proposed Standard RFC documents are RFC 4250 - 4256.
Secure Shell was originally developed in 1995 by Tatu Ylonen, the founder of SSH Communications Security, to overcome the security risks of sending and receiving plaintext data and to provide a secure means of replacing Telnet, FTP, and Unix r-series programs. Later that year, after receiving multiple requests for a feature-rich commercial version, Tatu Ylonen developed what is known today as Secure Shell. Today, Secure Shell is the de-facto standard used by millions worldwide for secure server administration, secure file transfer, and secure application connectivity. The recently received IETF standard status will ensure that solutions based on Secure Shell will be interoperable and standards-compliant also in the future.
*The IETF (Internet Engineering Task Force) is an international body that governs the Internet standardization process and publication of standards. Receiving a Proposed Standard status is a significant milestone for the Secure Shell technology, ensuring interoperability between implementations from multiple vendors and providing a basis for seamless product compliance. Internet Protocol (IP), Transmission Control Protocol (TCP), and Hypertext Transmission Protocol (HTTP) are among the fundamental Internet protocol specifications, where IETF standardization has also played a key role in technology adoption and interoperability.
* Company News - SSH Signs Multi-Year Agreements with Three Major Enterprises
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SSH Communications Security Corp has signed multi-year frame agreements for enterprise-wide use of SSH Tectia products with three major corporations, two US financial sector leaders and a leading European software company. The first-phase deliveries will secure system administration connections in the very large IT infrastructure of these customers. SSH Tectia Manager enables such enterprise-wide scalability.
The multi-year agreements also include annual fees for continuous software maintenance and technical support services for the licensed products, as well as provisions for adding other SSH Tectia products for secure file transfers, application connectivity, and secure IBM mainframe connectivity for additional license fees.
* Tips & Tricks: Keyboard-Interactive Authentication Method
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The keyboard-interactive authentication method defined in the RFC 4256 "Generic Message Exchange Authentication For The Secure Shell Protocol (SSH)" has been supported as of SSH Secure Shell version 3.2 and is enabled by default in SSH Tectia Client. This gives the administrator of SSH Tectia Server an option to easily change the actual authentication method, for example from operating system password to RADIUS password, without the need to change the configuration on the client side.
Also other Secure Shell implementations support RFC 4256. For example in OpenSSH, this authentication method is called Challenge-Response.
In SSH Tectia Server 5.x, there are several authentication methods that can be configured as keyboard-interactive submethods including RSA SecurID. With Pluggable Authentication Modules (PAM) on Unix, all methods where the user can enter all required authentication data via the keyboard can be configured as keyboard-interactive.
For more information, please see Section "5.8 User Authentication with Keyboard-Interactive" in "SSH Tectia Server (A/F/T) 5.0 Administrator Manual".
The user documentation and other public documentation for SSH Tectia products are available at the SSH Resource Center at http://www.ssh.com/resources/. Under 'User documentation', select
'Manuals' or search documentation by product and version.
* Most Popular Documents Available at SSH Resource Center
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
**White Paper: Protecting Cardholder Data in Transit with SSH Tectia
http://www.ssh.com/campaign/pci/newsletter.html
**White Paper: Replacing FTP and Telnet in Cross-Platform Networks
http://www.ssh.com/campaign/ftpwp/newsletter.html
**White Paper: SSH Tectia for IBM Mainframes
http://www.ssh.com/resources/mainframewp-download.mpl
* Trade Shows & Events
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Upcoming events:
- Hannover, Germany: CeBIT 2006, March 9 - 15
- Florida, USA: InfoSec World, April 3 - 5
* SSH Headlines
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
January 9, 2006
Secure Shell Reaches Proposed Standard Status in the IETF
http://www.ssh.com/company/newsroom/article/700/
December 21, 2005
SSH Signs Multi-year Agreements with Three Major Enterprises
http://www.ssh.com/company/newsroom/article/696/
======================================================
# SSH Tectia Newsletter Mailing List #
------------------------------------------------------
This e-mail has been sent to evaluators of SSH products and others who have been in contact with us in the past and who have agreed that we send you the SSH Tectia Newsletter.
To unsubscribe from the mailing list, send a blank e-mail to from the e-mail account you wish to unsubscribe , or visit http://www.ssh.com/company/newsroom/unsubscribe.mpl.
# SSH Security & Release Alert Mailing List #
-------------------------------------------------------
If you would like to receive security alerts and notices about new version releases of SSH products, please subscribe to SSH Security & Release Alert mailing list at http://www.ssh.com/company/newsroom/subscribe.mpl.
=======================================================
Sincerely,
SSH Communications Security >> http://www.ssh.com
© 2005 SSH Communications Security Corp. All rights reserved. ssh® is a registered trademark of SSH Communications Security Corp in the United States and in certain other jurisdictions. All other names and marks are property of their respective owners.