University of Colorado at Boulder  
Map A to Z Index Search CU Home
ITS logo
Information Technology Services News | ITS Search
ITS Docs
  Macintosh Tunneling for OS 9 or Classic applications
 
 

These instructions will need to be followed by anyone who will be running OS 9 or Classic applications that use FTP and do not support SSH. For example, if you are running OS X but you run Dreamweaver 4 in the Classic environment, you will need to set up MacSSH and open the tunnel in the Classic environment.

If you ran the Secure Mac Installer (Click here to download the SecureMac2002 installer), you have pre-made SSH Tunnel links to the main UCB hosts. These shortcuts can be found in the Kerb/SSH Telnet folder that the Secure Mac Installer created. Unless you want to create a new SSH Tunnel to a different host, you can skip to the Opening the tunnel section below.

Setting up MacSSH

Go to the folder where MacSSH is located on your machine. For most people, this would be in the Kerb/SSH Telnet folder in your Applications (OS 9) folder.

1. Double-click the MacSSH PPC application to open it.

2. From the Favorites menu, select Edit Favorites...

3. Click on the New button.

4. This opens a small window with six tabs along the top. Click on the General tab to bring it to the front.

5. In the Alias: field, type a name for this connection. In the example above, the alias was named after the host the connection will be made to (ucsub) followed by 'ssh tunnel' in order to recognize it easily.

6. In the Host Name field, enter the name or IP address of the server you're connecting to. If the server is located on the UCB campus, the format for the server name will be 'servername.colorado.edu', as the picture above illustrates.

7. In the Port field, enter the number 22, as in the example above.

8. Now, click on the Security tab. You should see the following window.

9. Using the Protocol pull down menu select ssh2 (Secure Shell).

10. Now click on the SSH2 tab at the top of the window to bring it to the front.

11. At the Method pull-down menu, select Local TCP port forward as in the picture above.

12. In the Remote host field, enter the same server name you previously entered, in the following format: server-name.colorado.edu.

13. In this example, we will create a tunnel from the port 5000 on the local machine to the FTP port on the remote machine. In the case of UCB servers, the port used for SSH tunnel connections is 1621. So , in our example, we enter the number '5000' in the Local port field and '1621' in the Remote port field, as shown above.
This means that when we FTP to port 5000 on the local machine, we will actually be going through a secure tunnel to port 1621 on the machine we really want to FTP to.

14. Click the OK button, and you'll be back at the Favorites window. Click OK to close it.

15. You should now have the alias you created available in the Favorites menu of MacSSH PPC. To open the tunnel, read the Opening the tunnel section below.

Opening the tunnel

Go to the folder where MacSSH is located on your machine. For most people, this would be in the Kerb/SSH Telnet folder in your Applications (OS 9) folder. If you ran the Secure Mac Installer, you have SSH Tunnel shortcuts in this folder. If you want to connect to one of these hosts, simply double-click the shortcut file. Then pick up the instructions below at Step 3. The UCB shortcuts are also available from within MacSSH in the Favorites menu.

1. Double-click the MacSSH PPC application to open it.

2. From the Favorites menu, select the ssh tunnel shortcut you created previously. If you haven't created an ssh tunnel shortcut yet, see the Setting up MacSSH section above.

3. Enter your username and password for the host in the connection box shown above. Remember, this is your username and password for the particular server you are connecting to. Your username and password are secure as they are transmitted via SSH.

4. If this is the first time you are connecting to this host, you will see the window above. The host's identification, or fingerprint, hasn't been seen by your computer before. If you click Accept Once, you will trust this host's authenticity for this connection but will see this message again on subsequent connection attempts. If you click Accept & Save, you will trust this host's authenticity and it's fingerprint will be written to a file on your computer in order to identify it again later. You won't see this message in this case again unless the host machine fingerprint changes, which could be cause for alarm. It might mean your password will be sent to the wrong computer.

5. A window to the host will now open. You don't have to do anything in this window, but it must be open for your ssh tunnel to remain open. If you close it, your ssh tunnel will close as well.
The next step is to configure the insecure client you want to run to communicate through the ssh tunnel you have just opened. To see how to secure FTP communications with some popular HTML editing tools refer to the Web Publishing Client Setup page.

Get Help

To get help contact the IT Service Center by phone at 303-735-HELP (5-4357 from an on-campus phone), by e-mail at help@colorado.edu, or in person at the IT Service Center walk-in (located two buildings east of the UMC).

Encrypted Authentication Project

Encrypted Authentication Project homepage

 

  

Search by Topic

 

Did this document help you?
yes    no

How can it be improved?

 

 

 

 
       
       Support | Training | Facilities | About ITS | ITS Home
 

Last reviewed: September 30, 2003

IT Service Center: 303-735-4357 (5-HELP), help@colorado.edu, Location and Hours of Operation
Computer Support Representative (CSR) look-up tool

itsfeedback@colorado.edu  | Policies | Privacy
© 2000 The Regents of the University of Colorado