Enhance OpenSSH for Fun and Security
Julien Pivotto
LinuxCon Europe
October 5, 2015
Match User roidelapluie
Julien Pivotto
• Sysadmin at inuits.eu
• FLOSS user since 2004
• DevOps believer
• @roidelapluie on irc/twitter/github
inuits.eu
World, 2015
Licensed under a Creative Commons Attribution 2.0 License
https://www.flickr.com/photos/80497449@N04/10012162166
Connected devices
• Mainframes
• Servers
• Virtual machines
• Containers
• IoT
Entrance Doors
• Physical Access
• Telnet
• RSH
• SSH
• HTTPS
• …
SSH
• Dozens of implementations
• OpenSSH
• Dropbear (embedded)
• Closed-source
• …
SSH
• Dozens of use cases
• Shell access and TCP tunnelling
• Code (git)
• File transfer (sftp)
• X terminal (x2go)
• Automation (ansible)
• …
OpenSSH
Licensed under a Creative Commons Attribution 2.0 License
https://www.flickr.com/photos/pennuja/5399766800
OpenSSH
• Developed by the OpenBSD project
• First released in 1999 (the original SSH it descends from dates from 1995)
• Server/Client implementation
• Included in BSD, Linux, Cygwin, Mac OS X, …
• Available on many other platforms
Out of scope
• Firewalling, OS, …
• Basic tips: RootLogin, Pubkeys, …
• Crypto/Encryption/Key Exchanges: https://stribika.github.io/2015/01/04/secure-secure-shell.html
Security
Licensed under a Creative Commons Attribution-ShareAlike 2.0 License
https://www.flickr.com/photos/111692634@N04/11406986014
Common sense
• Do you need SSH? (immutable infra, containers…)
• KISS
• Choose what gets a public IP, and therefore what is exposed: hypervisors vs VMs?
• Port 22 is not Evil
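As an added illustration of the exposure point above (example config, not a slide from the original deck): once you have decided which hosts get a public IP, the sshd-side control for a host that has both a public and a management address is to bind sshd to the management address only, while keeping the default port. The addresses 192.0.2.10 and 203.0.113.5 below are placeholder documentation addresses, not values from the talk.

```conf
# sshd_config fragment (added example). Without an explicit ListenAddress,
# sshd binds 0.0.0.0 and [::], i.e. every address the host has, including the
# public one (assumed here to be 203.0.113.5).
# Keep the default port: moving it off 22 hides nothing from a scanner.
Port 22
# Accept connections only on the management interface (assumed 192.0.2.10).
# Do not add a second ListenAddress for the public address.
ListenAddress 192.0.2.10
```

After editing, run `sshd -t` to check the syntax and `sshd -T | grep -i listenaddress` to confirm the effective bind address before restarting the daemon; `sshd -T` prints the configuration the server actually applies, so it also catches a later directive or an included file that silently re-binds to all interfaces.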
Server-side
Licensed under a Creative Commons Attribution 2.0 License
https://www.flickr.com/photos/56001405@N06/6187271613