Archive

Posts Tagged ‘SSH’

Super commands for Unix beginners and veterans!

January 8th, 2013 No comments

As a sysadmin of many years, I’m always fascinated by the world of *Unix and the untapped commands and tricks that are still there that I haven’t found out yet.  There are numerous ways to do something quicker, easier and more efficiently if a sysadmin knows where to look.

In this article, we’re listing the top most useful commands that any sysadmin should know and use when troubleshooting or in general working around their way in a Linux or Unix environments in general.

This command allows you to save a file you edited in VI without the needed permission for that file:

$ :w !sudo tee %

An alternative to traceroute or ping command on Linux is to run mtr:

$ mtr yahoo.com

Ever wanted to execute a command without saving it in history?  Here we go:

$ <space>who  (This will run the ‘who’ command without it being recommended in your history file).  Set your PS1=” ” to do it automatically by prepending space.

Ever found your screen or garbled up and you end up closing session and logging back in?  Well dont’ do that! Just type:

$ reset

To capture your activity on Linux desktop just type:

$ ffmpeg -f x11grab -s wxga -r 25 -i :0.0 -sameq /tmp/wow.mpg

Want to reverse tunnel?  Here is how you start a tunnel from some external site’s port 80 to your local server port 8001.  You can then hit that site via http://localhost:8001

$ ssh -N -L2001:localhost:80 blah.com

Just a single job around 8PM, better than a cron:

$ echo “who;ps -eaf” | at 8pm

Now, for one of the most helpful if not the most helpful command that’ll allow you to bind port to a process ID…perhaps better than lsof:

$ netstat -tlnp

Ever wanted to tweet from shell?  Perhaps you want to alert your twitter that your service is down?

$ curl -u user:pass -d status=”I am tweeting nigga!” http://twitter.com/statuses/update.xml

Run your website all in memory, here is how:

$ mount -t tmpfs tmpfs /data/blah.com -o size=10g  (Assuming you have at least 10g on server to spare, you now have a new partition to which you can copy your website to)

How about a secure mount via SSH?  First download SSHFS and then:

$ sshfs user@server:/path/to/mount/from /path/to/mount/point

 

There is more!

Categories: linux Tags: , , ,

Tool of the week: HotSSH

November 29th, 2010 No comments

HotSSH has been around for sometime but I recently found out that it exists.  It’s basically an gui interface to SSH Secure Shell in GNOME and brings some ease in managing ssh connections and etc.

HotSSH is an interface to Secure Shell, for GNOME and OpenSSH. It intends to be a better experience than simply invoking “ssh” from an existing terminal window.

  • Fast search-based interface for new connections
  • Also display and search of local (Avahi) SSH servers
  • Tabbed display with automatic session saving (Firefox style)
  • Status bar with information like latency to server and output of remote uptime
  • Close integration with OpenSSH features like connection sharing (near-instant new tabs)
  • NetworkManager integration to easily reconnect after a network change, great for laptops

You can download it here.

Categories: tools Tags:

HowTo: Get passwordless SSH working on Cygwin

October 28th, 2010 No comments

I’m sure many out there is actively using Cygwin because they can’t stand being on a Windows platform.  I for one am one of those people.  I install Cygwin on any Windows based servers to login to it remotely via SSH and do what I need to do.

Recently I came across an issue where I had to login from server to server within Cygwin environment via passwordless SSH.  I had already installed openssh server and it was running as a service.  HOWEVER!  It was installed under the default “SYSTEM” windows user and as a result I could never get it working.

Finally, I came across some sources that pretty much indicated that in order for passwordless SSH to work in Cygwin, SSH server must be installed under it’s own user such as sshd_server.

Once I did that, it all worked out!

Categories: General Tags: , ,

How to: Display pre-login banner on your SSH server

August 18th, 2010 No comments

We all know the infamous /etc/motd which displays the message of the day on a unix system after the user has logged in. However, not too many know that there is a way to display a banner with some message before a user logs in via SSH to the system.

To display some sort of banner to the users before they login to your server via SSH, make the following changes:

# echo "This is system xyz.com, all activity is monitored!" >> /etc/ssh-banner

Open the sshd config file located at /etc/ssh/sshd_config and add or edit the line that starts with “Banner”:

Banner /etc/ssh-banner

Simply restart sshd service and that should do it!

Categories: linux Tags: ,

Top 50 SSH helper tools – OMG!

August 16th, 2010 5 comments

Secure Shell (SSH) is an awesome protocol that has been around for years now and has replaced all the insecure ways of communication between different network devices.  It uses a secure, encrypted channel between the devices it communicates with thus making network sniffers useless to grab account credentials or other sensitive content.

[ad]

Many of us don’t realize that SSH is beyond just connecting between two devices.  For example, it can be setup as a proxy server, use various services in an encrypted tunnel, reverse proxy, secure backup/restore and so much more.  In this article, I’ve listed over 50 different tools that either manages or makes use of SSH to extend it’s usability beyond it’s original purpose.

  1. Sshguard –  Sshguard monitors services through their logging activity. It reacts to messages about dangerous activity by blocking the source address with the local firewall. Sshguard employs a clever parser that can transparently recognize several logging formats at once (syslog, syslog-ng, metalog, multilog, raw messages), and detects attacks for many services out of the box, including SSH, several ftpds, and dovecot. It can operate all the major firewalling systems, and features support for IPv6, whitelisting, suspension, and log message authentication.
  2. PAC –  PAC provides a GUI to configure SSH and Telnet connections, including usernames, passwords, EXPECT regular expressions, and macros. It is similar in function to SecureCRT or Putty. It is intended for people who connect to many servers through SSH. It can automate logins and command executions.
  3. csshX –  csshX is a tool to allow simultaneous control of multiple SSH sessions. csshX will attempt to create an SSH session to each remote host in separate Terminal.app windows. A master window will also be created. All keyboard input in the master will be sent to all the slave windows.
  4. tlssh –  tlssh is like SSH, but based on TLS. With tlssh, users log in using client certificates, never usernames or passwords.
  5. libssh –  libssh is a C library to access SSH services from a program. It can remotely execute programs, transfer files, and serve as a secure and transparent tunnel for remote programs. Its Secure FTP implementation can play with remote files easily, without third-party programs other than libcrypto (from OpenSSL) or libgcrypt.
  6. Digmia Enterprise SSH –  DSSH was written as a direct replacement for the OpenSSH client. It adds SSH over SSH tunneling capabilities (for example, to log in to a network hidden by a firewall), scripting support (using BeanShell), an advanced agent (which allows storing of passwords) and “su -” interactive logging for machines that have disabled direct root login. All of this was done to enable automated scripting and logging to many machines based on a few simple rules.
  7. SSH Keys exchange –  SshKeysExchange is a Korn shell script to create, exchange, and remove ssh keys between hosts within seconds rather than minutes. This tool is also included in DynDNSToolKit and oraToolKit project.
  8. CocTunnel –   CocTunnel is a simple SSH manager.
  9. Config::Model::OpenSsh –   Config::Model::OpenSsh is a graphical configuration editor for OpenSSH configuration files (e.g. /etc/ssh/sshd_config, /etc/ssh/ssh_config, or ~/.ssh/config). Other user interfaces (curses and terminal) are also available. Programmers can choose to use the Perl API to modify or validate OpenSSH configuration. This program is based on Config::Model.
  10. MindTerm –  MindTerm is a complete ssh-client in pure Java. It can be used either as a standalone Java application or as a Java applet.
  11. bcvi –   Bcvi is a tool that works with SSH to provide a secure “back channel” for sending commands back from the server to your workstation. For example, using bcvi and a shell alias, you can log into a server and type “vi filename”. Instead of running vi in the terminal window, on the remote server, bcvi will send a message back to your workstation, where a listener process will invoke gvim (a GUI version of vim) and pass it an scp://… URL for the remote file. Bcvi has a plugin architicture that allows you to add support for any process you want to launch on your workstation by running a command on the server.
  12. sshdfilter –  sshdfilter automatically blocks ssh brute force attacks by reading sshd log output in real time and adding iptables rules based on authentication failures.
  13. keychain –  keychain helps you to manage ssh keys in a convenient and secure manner. It acts as a frontend to ssh-agent and gpg-agent, but allows you to easily have one long running ssh-agent process per system, rather than the norm of one ssh-agent per login session.
  14. Meerkat –  Meerkat is an easy to use SSH tunnel manager built specifically for the Mac. It includes features such as application triggers, automatic reconnection on system sleep and network change, Growl integration, Bonjour support, command line and AppleScript integration, and much more.
  15. OmniSSH –  OmniSSH is a program that is used to execute a command or upload files on many servers in a cluster in a parallel, reliable, and well-documented fashion.
  16. lshell – lshell lets you restrict a user’s shell environment to limited sets of commands, choose to enable or disable any command over SSH (e.g. SCP, SFTP, rsync, etc.), log user’s commands, implement timing restrictions, and more.
  17. Orion SSH2 – Orion SSH2 is a library that implements the SSH-2 protocol in pure Java. It allows one to connect to SSH servers from within Java programs, for remote shell and command execution, local and remote port forwarding, local stream forwarding, X11 forwarding, and file transfer using SCP and SFTP.
  18. chain-ssh – This package provides a tool for ‘chained’ SSH access to remote hosts via a number of proxy hosts. It can be used for ssh, scp, and as a transport for rsync.
  19. secpanel – secpanel provides a GUI for managing SSH connection profiles. It supports handling of ssh-agents and the generation and distribution of public keys. It integrates SFTP using different file browsers and can use different X terminals.
  20. ccgfs – ccgfs is a transport-agnostic network filesystem using FUSE. Transport is arranged by helper programs, such as SSH. The PUSH transport mode acts like a “reverse” NFS and makes it possible to export a filesystem from a firewalled host without defeating the security model.
  21. Ganymed SSH-2 for Java – Ganymed SSH-2 for Java is a library that implements the SSH-2 protocol in pure Java (tested on J2SE 1.4.2, 5, and 6). It allows one to connect to SSH servers from within Java programs.
  22. pssh – pssh provides parallel versions of the OpenSSH tools that are useful for controlling large numbers of machines simultaneously. It includes parallel versions of ssh, scp, and rsync, as well as a parallel kill command.
  23. remote-ssh-access – remote-ssh-access is an application for creating handy SSH client shortcuts. It allows varying remote SSH keys, SSH protocol versions, remote target hosts, and remote commands for automated processes.
  24. Kippo – Kippo is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.
  25. sslh – sslh lets one accept both HTTPS and SSH connections on the same port. It makes it possible to connect to an SSH server on port 443 (e.g. from inside a corporate firewall) while still serving HTTPS on that port.
  26. ssh-multiadd – ssh-multiadd adds multiple ssh keys to the ssh authentication agent. These may use the same passphrase. When run without arguments, it adds $HOME/.ssh/identity and $HOME/.ssh/id_dsa.
  27. SSHatter – SSHatter uses a brute force technique to determine the how to log into an SSH server. It simply tries each combination in a list of usernames and passwords to determine which ones successfully log in.
  28. classh – classh is yet another wrapper around ssh for running commands on a number of hosts concurrently.
  29. sshutout – sshutout is a daemon that periodically monitors log files, looking for multiple failed login attempts via the Secure Shell daemon.
  30. Tunnel Manager – Tunnel Manager is a program that manages regularly used SSH tunnels. It supports both SSHv1 and SSHv2 tunnels and can be configured to manage the keys in your ssh-agent.
  31. sshdo – sshdo issues remote commands or puts or gets files to multiple hosts sequentially. Hosts are read from stdin (one per line). sshdo will use SSH key agent, if available, to avoid repetitive password entry.
  32. Cluster SSH – Cluster SSH opens terminal windows with connections to specified hosts and an administration console. Any text typed into the administration console is replicated to all other connected and active windows. This tool is intended for, but not limited to, cluster administration where the same configuration or commands must be run on each node within the cluster. Performing these commands all at once via this tool ensures all nodes are kept in sync.
  33. FastSSHer – Provides fast connections to Linux/Unix hosts over the SSH protocol. You don’t need to remember the IP address, hostname, login, or password. Just select a server from the list and press “Connect”.
  34. Dropbear SSH – Dropbear is an SSH 2 server and client that is designed to be small enough to be used in low-memory embedded environments, while still being functional and secure for general use.
  35. SSHMenu – SSHMenu is a GNOME panel applet that makes starting up a new terminal window with an SSH connection to a remote host just a click away.
  36. spread – spread provides SSH based Unix mass administration. It distributes commands or files from one central administration server onto classes of hosts.
  37. mpssh – mpssh is a program that can execute commands on many machines via SSH and get nicely formatted output.
  38. yessh – Yessh is a bash program that uses the SSH client. It provides fast connections to Linux/Unix hosts. Just type the name you have chosen for a host, and yessh will connect you via SSH.
  39. ssh-curse – intended to be a simple but enhancing GUI for using SSH on the terminal.
  40. SSH Askpass Keyring – SSH Askpass Keyring is an alternative ssh-askpass utility with support for the gnome-keyring.
  41. shmux – shmux is a program for executing the same command on many hosts in parallel.
  42. yaSSH – The yaSSH software package is a fast, dual-licensed implementation of SSH. It will include an SSH client, a client library, a server, and a server library. It is focused on speed, limited memory requirements, a simple API, portability, and use in an embedded setting.
  43. SSH Filesystem – SSH Filesystem uses the SSH File Transfer Protocol (SFTP), which is supported by most SSH servers. It is based on Filesystem in Userspace (FUSE), and hence root privilege is not required for mounting a remote filesystem. No setup is necessary and it is very easy to use.
  44. sshpass – Sshpass is a tool for non-interactivly performing password authentication with SSH’s so called “interactive keyboard password authentication”. Most users should use SSH’s more secure public key authentication instead.
  45. Autossh – Autossh is a program to monitor and automatically reestablish SSH connections.
  46. Proxytunnel – Proxytunnel is a program that connects stdin and stdout to a server somewhere in the Internet through an industry standard HTTPS proxy. It’s mostly used as a backend for OpenSSH’s ProxyCommand, and as a proxy backend for Putty. It can also be used for other proxy-traversing purposes.
  47. SSH Factory – SSH Factory is a set of Java based client components for communicating with SSH and telnet servers.
  48. sshfp – sshfp generates DNS SSHFP records from SSH public keys. sshfp can take public keys from a knownhosts file or from scanning the host’s sshd daemon.
  49. SSH Enchanter – Enchanter is a small library that helps you script SSH sessions in a manner similar to Expect.
  50. MySecureShell – MySecureShell is a secure FTP server that uses SSH. It is easy to install and manage.

[ad]

Categories: linux, Security Tags: ,

The Ultimate SSH Tricks Manual

August 7th, 2010 4 comments

This article assumes that you’re already familiar with SSH such as logging into remote servers, copying files from one server to another, generating ssh key pairs and etc.  So with all that away, this article provides a list of tricks that has been compiled from various sources in one cozy location, mynitor.com blog.

With most of these ssh tricks, you can use your imagination to extend it to whatever you need to get done.  Ultimately, it’s executing commands on remote server which practically can be exchanged with anything you find useful.

Transferring Files and Backups

Transfer /home directory from remote host to local server using ssh and tar:

$ ssh user@remotehost "tar cvzf - /home" | tar xvzf - /home

Similar as above but using scp to recursively copy /home from remote host to local server:

$ scp -r user@remotehost:/home /home

Transfer a local file to remote server:

$ cat /home/mynitor/testfile | ssh user@remotehost "cat > /home/mynitor/testfile"

Compare a file on remote server with local host:

$ ssh user@remotehost.com "cat /tmp/remotefile" | diff - /tmp/localfile

SSH Proxy and Port Forwarding Tricks

Tunnel all your browser traffic through your SSH server:

$ ssh -D 9999 user@yourserver.com

Setup SOCKS proxy to use with Chrome.  Save the following to a shell script and run:

function remotebrowse() {
    export SOCKS_SERVER=localhost:9999
    ssh -fNTD 9999 remotehost
    google-chrome --user-data-dir=/tmp/chrome $1 &
  }

Launch a local x11 session for a given application.  Simply use the following command then run whatever X application:

$ ssh -X user@remotehost.com 'xterm'

Use a local server through a proxy server:

$ ssh -f -N -L 1521:destinationhost.com:80 servertoproxyfrom.com

Tunneling VNC over ssh:

$ ssh -L 5900:localhost:5900 user@yourserver.com

Jump off one box into another:

$ ssh -t gatewayhost.com ssh destinationhost.com

Forward connections using server A to get to server B. You can use this method to get to any application such as smtp, pop3, mysql, oracle etc.  Just translate the port number:

$ ssh -L 3306:serverB.com:3306 user@serverA.com

Reverse SSH Tunneling. Concept is you want to get from a server at work or public IP into your home server or a server behind a firewall.   Say your destination server is 192.168.136.3, source server is mynitor.com.  Then ssh back to localhost to get to the home server.

$ ssh -R 3333:localhost:22 user@mynitor.com
$ ssh localhost -p 3333

Log in without appearing in lastlog/w and who output.

$ ssh -T user@hostname.com

Miscellaneous Tricks

Play a wav file on remote server:

$ ssh user1@local_server 'play /home/mynitor/2pac.wav'


Outputting your microphone to a remote computer’s speaker:

# dd if=/dev/dsp | ssh -c arcfour -C username@host dd of=/dev/dsp

Setup password less SSH access to another server:

$ ssh-keygen
$ cat ~/.ssh/id_rsa.pub | ssh user@remotehost "cat - >> ~/.ssh/authorized_keys;chmod 644  ~/.ssh/authorized_keys"

– The 644 will make sure your default umask isn’t creating a file with 664 perms. Otherwise, ssh server will reject your login attempt.

There is so much more. Once I gather up more of these, it will be included in an updated and more complete version of this article. Add away your tips and tricks!

Categories: General, Security Tags:

Tool of the week – sshconf

May 4th, 2010 No comments

If you’re a sys admin, you’ve probably dealt with SSH related issues like allowing certain users, from specific IP addresses.  Allowing SSH2 and disabling SSH1, setting session timeouts and etc.  Sometimes it gets a bit messy dealing with the configuration file directly which is where sshconf comes along.

sshconf is a graphical frontend to manage ssh configurations for different hosts.  It creates Host specifications for the user’ s configuration file in ~/.ssh/config.

Features

  • add, edit or remove Host
  • add, edit or remove LocalForward(s) or RemoteForward(s) for a Host
  • open a Terminal with a connection to the Host
  • quick access to hosts via SystemTray Icon

The View is representing only a subset of the Options. The Logic behind that parse the whole set of options in the configuration file.

Options added by hand won’t be overwritten.

Categories: tools Tags:

Linux Wireless Network Detectors and Sniffers

December 23rd, 2009 No comments

The following is a list of open source sniffer applications that can be used to tap into your wireless network.

You can sniff from a building across, from the floor above or below you or from down the road. Basically anywhere you can pick up a signal, you can sniff.

Keeping your wireless network secure is no small task, but there are precautions you can take to secure your network as much as possible.

The first half of this article will list numerous wireless network detectors and sniffers and the second half will provide some tips on how to best secure your wireless network.

  1. Tcpdump – a command-line tool for monitoring network traffic. Tcpdump can capture and display the packet headers on a particular network interface or on all interfaces. Tcpdump can display all of the packet headers, or just the ones that match particular criteria. Probably the most powerful network tool available to date.
  2. Ethereal – a network traffic analyzer, or “sniffer”, for Unix and Unix-like operating systems.
  3. Kismet – an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic. Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and infering the presence of nonbeaconing networks via data traffic.
  4. RogueScanner – a network security tool for automatically discovering rogue wireless access points by canning a wired network. In addition to finding access points, it will classify all discovered network devices.
  5. Wlandscape – a software-tool to collect and visualize informations of wireless networks. It allows to isplay several data, such as their expansion, signal-strength and status. The single wireless networks re displayed on a topographical map.
  6. Wavemon – ncurses-based monitoring application for wireless network devices.
  7. Hotspotter – passively monitors the network for probe request frames to identify the preferred networks of Windows XP clients, and will compare it to a supplied list of common hotspot network names. If the probed network name matches a common hotspot name, Hotspotter will act as an access point to allow the client to authenticate and associate. Once associated, Hotspotter can be configured to run a command, possibly a script to kick off a DHCP daemon and other scanning against the new victim.
  8. Wellenreiter – a wireless network discovery and auditing tool. Prism2, Lucent, and Cisco based cards are supported. It is one of the easiest to use linux wireless scanning tools available.
  9. SSIDsniff – A nifty tool to use when looking to discover access points and save captured traffic.
  10. Mognet – wireless ethernet sniffer/analyzer written in Java. Currently being rewritten in C++ It was designed with handheld devices like the iPaq in mind, but will run just as well on a desktop or laptop.
  11. WiFiScanner – Just an another passive 802.11b scanner. It can dump traffic in realtime (like tcpdump) and you can change interactively the sniffed channel.
  12. Airfart – a wireless tool created to detect wireless devices, calculate their signal strengths, and present them to the user in an easy-to-understand fashion.
  13. Airsnarf – a simple rogue wireless access point setup utility designed to demonstrate how a rogue AP can steal usernames and passwords from public wireless hotspots. Airsnarf was developed and released to demonstrate an inherent vulnerability of public 802.11b hotspots–snarfing usernames and passwords by confusing users with DNS and HTTP redirects from a competing AP.
  14. AirTraf – wireless sniffer that can detect and determine exactly what is being transmitted over 802.11 wireless networks. This open-source program tracks and identifies legitimate and rogue access points, keeps performance statistics on a by-user and by-protocol basis, measures the signal strength of network components, and more.
  15. Driftnet – a program which listens to network traffic and picks out images from TCP streams it observes. Fun to run on a host which sees lots of web traffic. In an experimental enhancement, driftnet now picks out MPEG audio streams from network traffic and tries to play them.

Every computer on your network should be configured with best security in mind. Make sure that all networking devices support the latest and most secure encryption standards.  Encryption is number one defense against someone tapping in and sniffing your network.

Look for devices that support WPA or WPA-2 and use extremely long, random password consisting of letters, number and symbols. In the second half of this article, I will provide additional steps you can take to better secure your wireless network.

First, if you’re worried someone is snooping around your network then encrypt your browsing. Type the following in your terminal:

ssh -ND 5555 localhost

– You can also change ‘localhost’ to some remote server that you have shell access

and when prompted for password, enter your local password. If you’re using Firefox, go to Tools -> Options -> Advanced -> Network -> Settings and click on radio button Manual Proxy Configuration. At the SOCKS field, enter localhost and port 1500. Save all settings. Starting at this point, all your browser activity is encrypted via the SSH tunnel. This is an easiest and most basic way of increasing security when browsing.

Second, Use 128-bit WEP or WPA/WPA-2 encryption and use extremely long, random password consisting of letters, number and symbols for your access point. Do not broadcast your SSID. Keep it to yourself.

Third, Limit access rights by doing mac filtering. Only allow MAC IDs that you identify should have access to your network.

Fourth, Limit the number of IPs that should connect to your network. If you don’t have too many users, consider limiting the maximum number of DHCP addresses the network can assign, allowing just enough to cover the users you have.

Fifth, Disable remote administration of your access point.

Lastly and the most critical. If you’re router has built in firewall then use it. If it doesn’t then use it on your network and the devices that are attached to it.

There are many more things you can do to further secure your network. The most important thing is staying alert and keep up with the latest security articles and news.

Categories: tools Tags:

Tabbed SSH for Windows

November 30th, 2009 1 comment

If you are one of those less fortunate unix/linux admins who are forced to use Windows operating system at work, then you’ve probably had ten or more SSH terminals open each logged to different servers.

This maybe manageable to some of us but imagine 3 of those terminals dealing with one project, 2 of them on some patch installs and the remaining 5 on a crazy production issue you’re troubleshooting.

The real fun starts when you start doing ALT-TAB and browse through a few before getting the right terminal session….it could be frustrating.  Even if you’re a developer or a general user who logs into unix based servers and would like to better manage your connections then this article maybe helpful to you as well.   I’ve come up with a list of clients that support tabs, add to the list if there is more!

PuTTY Connection Manager

Chances are the majority of users use PuTTY for accessing SSH from windows and by the addition of PuTTY connection manager that adds tabbed interface, there should be no reason but to not use PuTTY anymore.  It  is by far the smallest, quickest way of accessing remote servers via SSH out there.


The connection manager is centralizes all your sessions in one window.  You can download it from here. You can read all about it’s features, download latest release from it’s website.

Poderosa

For those who dislike PuTTY for some reason, Poderosa is a pretty good alternative.  You can get it from en.poderosa.org.

In addition to doing tabbed browsing, it also allows you to split ssh windows in multiple different ways (see screenshots) as well as set up cygwin sessions.

Celestial Software


Another SSH client that tabbed interface.  It has tabs like poderosa but less expensive. It includes port forwarding, X forwarding. It supports the basic authentication and has all other necessary SSH terminal features.  Visit celestialsoftware.net for more details.


WinTabber

Even tough this isn’t made specifically with SSH, this is a great tool to use to provide tabbing feature to almost any application on your desktop.

WinTabber is a container application, that allows you to capture external windows and work with them in a grouped, tabbed environment.  Check out a video demo of the WinTabber on wintabber.com and download their free version to use.

Bonus for MAC users

The default terminal that comes with Mac is neat but if you haven’t tried iTerm yet, give it a shot and you’ll love it.  iTerm is a full featured terminal emulation program written for OS X.

Features

  • Full screen mode for a distraction free environment.
  • Transparent windows with blurring and custom background pictures
  • Supports select-to-copy and mid-button paste
  • Smart window placement
  • xterm mouse reporting for click and scroll events
  • Focus follow mouse
  • Applescript support
  • Bonjour support
  • Works on PowerPC and Intel Macs on 10.4, 10.5 and 10.6

I’ve been using it for sometime and recommend it for anyone on Mac.  Unfortunately, there is no Windows version available.  If you of any other tabbed SSH terminals, add it to the list.

Categories: tools Tags: