LinuxDevCenter.com
oreilly.comSafari Books Online.Conferences.

advertisement


Secure Chat with YTalk and SSH

by Robert Bernier
02/13/2003

Security and trust have always been big issues to me. I still remember my early days on the Internet. My ISP had 33.6 modems and no load balancing. Many of the customers had comparable modems but little old me had only a 14.4; consequently, I had somewhat reduced bandwidth. I was thrilled when I discovered that sending a ping flood to a certain port on the Win95 machines resulted in my having an "improved" Internet experience.

One day I realized that I might want to chat with my buddies, coworkers, and fellow conspirators securely without depending on 3rd party commercial utilities. Maybe there were firewalls that I needed to get through where server security was at a premium. I wanted to discuss the issues of the day with a small group of like-minded people with little system overhead using standard Unix utilities.

I settled on two pieces of technology: YTalk and SSH.

Under normal conditions, when everybody trusts everybody else, YTalk, talk, ntalk, et cetera will work without any problems. Alas, I found the real world a little more difficult and disappointing. It turned out my buddies couldn't reach me because of firewalls. Either their firewall rules would block the UDP connection or my firewall rules would stop it. Then there was the issue of corporate firewalls and even the ISP who sometimes played the big brother by blocking certain ports for the protection of our Windows brethren. Rather than taking the time to reset my firewall to better rules and hoping my buddies could take the same effort for theirs, I opted for another approach: remote logging with SSH and using guest accounts expressly setup for the purpose.

YTalk is a multi-user chat program that has been around on the Unix systems for a number of years now. Its strength lies in its ability to interface with both talk and ntalk, Unix-based daemons permitting more that two parties to talk at the same time.

Here is the ytalk command:

ytalk [-x] [-s] [-Y] [-i] [-h hostname_or_ip] username...

It accepts multiple usernames. They can take many forms:

name formatexplanation
namesome user on your machine
name@hostsome user on a different machine
name#ttysome user on a particular terminal
name#tty@hostsome user on a particular tty on a different machine
name@host#ttysame as name#tty@host
aliasnamean alias defined in your .ytalkrc

SSH, the secure shell, is the standard method to do remote logins by applying encryption so that third parties can't see or manipulate your activities.

Related Reading

SSH, The Secure Shell: The Definitive Guide
By Daniel J. Barrett, Richard E. Silverman

Both YTalk and SSH have both what are called servers and clients. You must use a client to contact a specific resident program, or server, on another machine. Once you, the client, are in communication with the server you can then communicate with other users.

As there's more than one way to skin a cat, so too are there many ways of secure communication with YTalk and SSH.

Here's how I went about to make all the fun stuff happen:

Getting It to Work

I started off with the simplest implementation i.e. just getting online with a tty console. The advantage here is that all you really need to make this work is an SSH client and an existing account on the talk server. This is great for people on non-Unix platforms.

Assume the following:

  • You want to contact another person using an encrypted tunnel.
  • You are both using a text console (i.e., no graphic environment for now).
  • Both of you have an account on a machine called www.munchies.org.
  • Your account's name is salt.
  • His account's name is vinegar.

Type the following:

ssh -l salt@www.munchies.org

The server responds by asking for a password. After typing it in, voila, you're logged in over an encrypted tunnel.

Now type

ytalk -x vinegar@ www.munchies.org.

The x option is used to disable X11 interface. My personal preference is working with consoles in the X11 environment. We'll look at the other available configuration options later. If all goes well then this is what you will see:

-----------= YTalk version 3.1.1 =----------
[Waiting for connection...]

This is what vinegar should see on his console:

Message from Talk_Daemon@www.munchies.org at 10:50 ...
talk: connection requested by salt@www.munchies.org.
talk: respond with:  talk salt@www.munchies.org.

If he types ytalk -x salt@www.munchies.org., he should see:

----------= YTalk version 3.1.1 =---------- 

----------= vinegar@www.munchies.org =----------

Now vinegar will see a similar screen. The positions will be reversed, though:

----------= YTalk version 3.1.1 =----------


----------= salt@www.munchies.org =----------

salt and vinegar can now talk to their hearts' delight. To end the link, just press Ctrl-C to return to the prompt.

Pages: 1, 2

Next Pagearrow




Linux Online Certification

Linux/Unix System Administration Certificate Series
Linux/Unix System Administration Certificate Series — This course series targets both beginning and intermediate Linux/Unix users who want to acquire advanced system administration skills, and to back those skills up with a Certificate from the University of Illinois Office of Continuing Education.

Enroll today!


Linux Resources
  • Linux Online
  • The Linux FAQ
  • linux.java.net
  • Linux Kernel Archives
  • Kernel Traffic
  • DistroWatch.com


  • Sponsored by: