I'm pretty conscious of security issues and that's why access to the machine with FTP is restricted to just the home page. Shell access is only via SSH, secure shell. Shell accounts are kept to an absolute minimum: what I think about shells.

What is SSH, and why use it?

SSH stands for Secure SHell, it's like telnet but stronly encrypted. Many hosting companies provide telnet access but this is a security hazard since the password you use to log in is sent in plain text, and anyone with a network sniffer (e.g. one of your co-workers, neighbors, flatmates, ISP, etc) can get it. FTP is also a plain text protocol and so the same risk applies.

So how bad is this risk?

It's pretty minor, frankly. Most malicious intrusions on unix systems come through oversights in programs offering network services where an attacker sends unforeseen data that corrupts the program in a way that it offers up high-level access to the machine. However, having noted that the risk is low the consequences are quite serious. If someone did get access, all your data would be exposed and at risk of deletion not to mention the rest of the server would be in a much less guarded position.

If there's a way to reasonably reduce risk then I'll take it. And I'm in good company: the vast majority of unix admins use SSH these days.

Where can I get an SSH client?

• Unix: It's the ssh command :-)
• Mac: Try MacSSH or NiftyTelnet. Both are free, MacSSH is even Open Source.
• Windows: There is an good free client called PuTTY. An excellent commercial product is SecureCRT.
• Web browser: You don't even have to install anything! If you have a Java capable browser, you can log in securely over the Web on the login page. (How many folk offer that, eh?)

This page is being built as we speak... Check back soon!