NiftyTelnet 1.1 SSH home page: <http://www.lysator.liu.se/~jonasw/ssh.html>
__________________________________ I M P O R T A N T __________________________________
Ñ Use of this program within North America is prohibited due to software patent conflicts.
Please use a different application such as BetterTelnet 2.0 or F-Secure SSH instead.
Ñ Users located in countries where use of encryption software is illegal should not use
this program. Check with your authorities if you are not sure.
What is NiftyTelnet 1.1 SSH?
It is a modified version of NiftyTelnet 1.1 where support for the SSH (Secure Shell) protocol has been incorporated. SSH is the de-facto standard for secure terminal sessions in the Unix world, and it's now available for free to the Macintosh community as well.
How do I use it?
To enable the SSH protocol for a session, bring up the edit dialog for your connection shortcut. Switch to one of the SSH encryption methods using the popup menu and you're all set!
What features does/doesn't NiftyTelnet 1.1 SSH implement?
NiftyTelnet 1.1 SSH implements a subset of the SSH 1.5 protocol. Supported encryption algorithms are: DES, 3DES and Blowfish. The IDEA algorithm is not available since commercial use requires a license, and the Arcfour algorithm has been disabled since it could introduce security problems when used in the SSH 1.x protocol.
Password authentication is the only authentication method currently supported. Other methods, e.g. RSA public-key challenge/response, may be added in the future. TCP port forwarding, data compression and secure file copy are also not available but will be considered for future versions.
Users in need of a full-blown SSH implementation for the Mac should try the Data Fellows, Inc F-Secure SSH client instead. The web page for this company is <http://www.datafellows.com/>.
In addition to the SSH protocol NiftyTelnet 1.1 SSH includes a couple of changes to the core of NiftyTelnet. The terminal emulation now defaults to the ISO 8859-1 character set, and the user interface has been updated to take advantage of the Appearance Manager in System 8 and later.
What is the purpose of the "NiftyTelnet SSH Known Hosts" file?
Whenever you connect to a host NiftyTelnet receives a public encryption key. If this key is not known before you have the option to add it to the Known Hosts file. The next time you connect NiftyTelnet will compare the key to the one found in the file to see if it has changed; a change may indicate a network intrusion attack which means your password is at risk if you don't disconnect immediately. There are other things that can trigger a change of the key so you may want to ask your system administrator for advice.
The Known Hosts file is by default placed in your Preferences folder but can be moved into the same folder as the application itself. You can edit it using any text editor and the format is compatible with the ~/.ssh/known_hosts file in the Unix version.
Where do I send feedback?
Please send bug reports, comments or feature requests to the email address listed at the top of this document. For bug reports it is very helpful if you include detailed information on how to reproduce the bug and the configuration of your computer.
What source code was used to implement the SSH protocol?
I used the public domain library Crypt++ 2.1 for the encryption. All other source code, except as noted in the copyright section, was written by me from scratch. This is not a port of the Unix version and it is therefore not subject to the license limitations of that distribution.
Is the source code available?
The author of NiftyTelnet, Chris Newman, has requested that the source for NiftyTelnet should no longer be distributed. The source for my additions are not available at this time because of Swedish crypto export legislation.
Why can't this program be used within North America?
The RSA public-key encryption algorithm is patented by RSA Data Security, Inc. This makes it impossible to use other implementations of the RSA algorithm in countries where the patent is valid. A discussion on this patent can be found at <http://www.cyberlaw.com/rsa.html>.
Where can I get more information on NiftyTelnet?
The documentation for NiftyTelnet 1.1 is included in this distribution. Please read it for information on NiftyTelnet in general. There is also an Apple Guide help file which is accessible from inside the application by selecting "NiftyTelnet Guide" from the Help menu.
The NiftyTelnet home page is <http://andrew2.andrew.cmu.edu/dist/niftytelnet.html>.
Distribution
NiftyTelnet 1.1 SSH may only be distributed as long as no fee is charged. Also, any distribution must be in accordance to the restrictions listed at the top of this document.
Acknowledgements
Special thanks to Chris Newman for letting me use his excellent NiftyTelnet as the foundation for my SSH client. Thanks to Ariel Futoransky for granting me permission to include the CORE SDI attack detection patch.
Copyright
SSH implementation:
Copyright ⌐ 1998 Jonas WalldÄn.
MD5 implementation ⌐ 1995 Eric Young.
CRC32 attack detection patch ⌐ 1998 CORE SDI S.A., Buenos Aires, Argentina. All rights reserved.
THIS SOFTWARE COMES WITHOUT WARRANTIES. THE SOFTWARE IS PROVIDED AS IS AND
JONAS WALLDEN AND ALL OTHER COPYRIGHT HOLDERS DISCLAIM WARRANTIES OF ANY KIND,
INCLUDING EXPRESSED AND IMPLIED WARRANTIES. IN NO EVENT SHALL THE COPYRIGHT
HOLDERS BE LIABLE FOR DAMAGES, INCLUDING BUT NOT LIMITED TO GENERAL, SPECIAL,
DIRECT, INDIRECT, EXEMPLARY OR CONSEQUENTIAL DAMAGES, RESULTING FROM USE OR
MISUSE OF THIS SOFTWARE, OR LOSS OF USE, DATA OR PROFITS.
NiftyTelnet 1.1:
Copyright ⌐ 1990-1996 by Christopher J. Newman. All Rights Reserved.
Permission to use, copy, modify, and distribute this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation, and that the name of Christopher J. Newman not be used in
advertising or publicity pertaining to distribution of the software without
specific, written prior permission. Christopher J. Newman makes no
representations about the suitability of this software for any purpose. It
is provided "as is" without express or implied warranty.
CHRISTOPHER J. NEWMAN DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT
SHALL CHRISTOPHER J. NEWMAN BE LIABLE FOR ANY SPECIAL, INDIRECT OR
CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE,
DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
OF THIS SOFTWARE.
Version history
NiftyTelnet 1.1 SSH -- August 20, 1998:
Changed the way disconnect and exit confirmation messages are sent to the server to be more in line with the protocol specification.
Added the CORE SDI crc32 attack detection patch.
Disabled the Arcfour cipher since it's no longer considered secure when used in the SSH 1.x protocol. It may return later on if SSH 2.0 protocol support is added.
Merged the PPC and 68K applications into a single fat binary.
Set the Known Hosts file type to TEXT and changed the line breaks to Mac standard.
More error checking for out of memory conditions.
Moved a handful of hardcoded strings into the resource fork to ease localization.
NiftyTelnet 1.1 SSH beta 1 -- July 21, 1998:
First "public" release. Very limited distribution.
