Data traveling across the local CS network should be secure (although nothing can be guaranteed). When sending information across wider networks, security of data becomes more and more of a problem. If you use something like telnet, ftp, or non-SSL versions of IMAP and POP to remotely login (all of which are disabled on local CS machines), your username and password are sent across the wire in cleartext and may be compromised, allowing someone else to access your account. Even if the data you are sending is not private, you should still take steps to prevent possible password/account compromises.

If you want to read your CS email remotely via IMAP or POP, you must enable SSL support. Please see the IMAP/POP FAQ Entry for information on how to access the CS mail server.

If you want to remotely login or transfer files from CS machines, you will need to use SSH tools instead of ftp and telnet. SSH, or Secure SHell, is an encrypted remote login and file transfer protocol. All data sent from source to destination, including your login name and password, are sent encrypted using a key that is created once per machine or, alternatively, every login session. As a bonus, it supports encrypted X forwarding so that you can run remote windows in a fairly secure fashion. It's suggested that you use ssh for all your remote login sessions, especially those where traffic goes across the internet. See the Knowledge Base document on this subject for more information.

Several free and commercial ssh clients are available for just about every major operating system. Please see SSH Client FAQ Page for a listing of several popular SSH clients.

[Return to the FAQ index]