Secure Connection to your enterprise network
Overview
Secure Shell (SSH) is a security mechanism provided on Unix and Linux servers which, amongst other features, enables remote users to use the internet to connect securely into their company's network.
Psion have tested the use of MindTerm's java-based SSH client on the netBook product range and this document provides some notes on how to install and use the client.
Important
SSH works by connecting through a secure tunnel to the SSH server running within the private network on a Linux or Unix machine. You will need to be able to install and start this service before the SSH client can connect.
Installation
The MT.SIS file provided should be run. This can be done on a PC if the netBook is connected via PsiWin 2.3, or you can copy the
MT.SIS file to the netBook and run it from there.
Configuration of SSH
As this is a java application that takes its commands from the supplied text file (MT.TXT), it is necessary to alter this. This is best done on a PC using an text editor program, such as Notepad. The example below sets up tunnels for Email and intranet browsing.
The format of this file is :
java mindbright.application.MindTerm [options]
Where [options] should include all of the following:
-server [Public IP address of SSH server (ie. Linux machine)]
eg. -server 193.23.55.123
-usrname [your username on the SSH server]
eg. -usrname johnsmith
-password [your password on the SSH server]
eg. -password opensesame
Depending on which services are required, one or more of the following options should also be included. These will set up a secure tunnel for POP3 mail (port 110), SMTP mail (port 25) and general web browsing (port 80). Any other ports can be set up in the same manner.
-local0 [unused local port:name of POP3 server:110]
eg. -local0 9000:pop3.myserve.net:110
-local1 [unused local port:name of SMTP server:25]
eg. -local1 9001:smtp.myserve.net:25
-local2 [unused local port:name of web server:80]
eg. -local2 9002:industrial.psion.com:80
The following text file is built from the previous examples
mindbright.application.MindTerm -server 193.23.55.123 -usrname johnsmith -password opensesame -local0 9000:pop3.myserve.net:110 -local1 9001:smtp.myserve.net:25 -local2 9002:industrial.psion.com:80
Save the completed MT.TXT file into the folder
\system\apps\MT\
There is a full description on how to use the command line options in the
README.TXT file that is installed in the folder
\system\apps\MT\
For a full description of SSH go to the many web sites on the subject.
To know more about MindTerm go to www.mindbright.se
EMAIL Configuration
- Within the netBook EMail program, create a new account using Tools\Add new account
- Under "Account", set up your name and company EMail address
- Under "Outgoing", set the SMTP server to localhost
- Under "Incoming", set the POP3 server to localhost, and mailbox login and password to your normal company EMail login and password
- Select the "Advanced" button <Ctrl-A> and set the SMTP port to 9001 and the POP3 port to 9000 (as set above in the
MT.TXT file).
- Press "OK" to save these account details.
Web Browser Usage
Once the necessary tunnel (probably Port 80) has been created then all browsing to the secure site needs to be prefaced as "localhost". So, in the above example, call up
industrial.psion.com/index.html as
localhost/index.html
Linux Setup
Assuming that SSH has been installed, type sshd to start the service.
If SSH has not been installed, see your Network Administrator.