Secure Chat with YTalk and SSH
by Robert Bernier02/13/2003
Security and trust have always been big issues to me. I still remember my early days on the Internet. My ISP had 33.6 modems and no load balancing. Many of the customers had comparable modems but little old me had only a 14.4; consequently, I had somewhat reduced bandwidth. I was thrilled when I discovered that sending a ping flood to a certain port on the Win95 machines resulted in my having an "improved" Internet experience.
One day I realized that I might want to chat with my buddies, coworkers, and fellow conspirators securely without depending on 3rd party commercial utilities. Maybe there were firewalls that I needed to get through where server security was at a premium. I wanted to discuss the issues of the day with a small group of like-minded people with little system overhead using standard Unix utilities.
I settled on two pieces of technology: YTalk and SSH.
Under normal conditions, when everybody trusts everybody else, YTalk, talk, ntalk, et cetera will work without any problems. Alas, I found the real world a little more difficult and disappointing. It turned out my buddies couldn't reach me because of firewalls. Either their firewall rules would block the UDP connection or my firewall rules would stop it. Then there was the issue of corporate firewalls and even the ISP who sometimes played the big brother by blocking certain ports for the protection of our Windows brethren. Rather than taking the time to reset my firewall to better rules and hoping my buddies could take the same effort for theirs, I opted for another approach: remote logging with SSH and using guest accounts expressly setup for the purpose.
YTalk is a multi-user chat program that has been around on the Unix systems for a number of years now. Its strength lies in its ability to interface with both talk and ntalk, Unix-based daemons permitting more that two parties to talk at the same time.
Here is the ytalk command:
ytalk [-x] [-s] [-Y] [-i] [-h hostname_or_ip] username...It accepts multiple usernames. They can take many forms:
| name format | explanation |
|---|---|
name | some user on your machine |
name@host | some user on a different machine |
name#tty | some user on a particular terminal |
name#tty@host | some user on a particular tty on a different machine |
name@host#tty | same as name#tty@host |
aliasname | an alias defined in your .ytalkrc |
SSH, the secure shell, is the standard method to do remote logins by applying encryption so that third parties can't see or manipulate your activities.
|
Related Reading 
SSH, The Secure Shell: The Definitive Guide |
Both YTalk and SSH have both what are called servers and clients. You must use a client to contact a specific resident program, or server, on another machine. Once you, the client, are in communication with the server you can then communicate with other users.
As there's more than one way to skin a cat, so too are there many ways of secure communication with YTalk and SSH.
Here's how I went about to make all the fun stuff happen:
Getting It to Work
I started off with the simplest implementation i.e. just getting
online with a tty console. The advantage here is that all you
really need to make this work is an SSH client and an existing account on
the talk server. This is great for people on non-Unix platforms.
Assume the following:
- You want to contact another person using an encrypted tunnel.
- You are both using a text console (i.e., no graphic environment for now).
- Both of you have an account on a machine called
www.munchies.org. - Your account's name is
salt. - His account's name is
vinegar.
Type the following:
ssh -l salt@www.munchies.orgThe server responds by asking for a password. After typing it in, voila, you're logged in over an encrypted tunnel.
Now type
ytalk -x vinegar@ www.munchies.org. The x option is used to disable X11 interface. My
personal preference is working with consoles in the X11 environment. We'll
look at the other available configuration options later. If all goes well
then this is what you will see:
-----------= YTalk version 3.1.1 =----------
[Waiting for connection...] This is what vinegar should see on his console:
Message from Talk_Daemon@www.munchies.org at 10:50 ...
talk: connection requested by salt@www.munchies.org.
talk: respond with: talk salt@www.munchies.org. If he types ytalk -x salt@www.munchies.org., he should
see:
----------= YTalk version 3.1.1 =----------
----------= vinegar@www.munchies.org =---------- Now vinegar will see a similar screen. The positions will be
reversed, though:
----------= YTalk version 3.1.1 =----------
----------= salt@www.munchies.org =---------- salt and vinegar can now talk to their hearts'
delight. To end the link, just press Ctrl-C to return to the
prompt.
Pages: 1, 2 |
