LINUX SYSTEM ADMINISTRATION AND SECURITY
SSH (The Secure Shell)
Lakshmana Rao Konda, lkonda@cs.siu.edu

Topics Covered
- Introduction
- Overview of features
- SSH Client and Server Model
- Cryptographic Keys
- Attacks
- SSH Agent
- Architecture of SSH System
- Installation and Configuration
- Differences between SSH1 and SSH2
- Conclusion
Introduction
- SSH, the secure shell, is a popular, powerful software-based approach to network security. Whenever a computer sends data to the network, SSH automatically encrypts it.
- SSH is used to replace telnet, ftp and rexec.
- Telnet, ftp and rexec send data (username and password) in plain text.
- SSH solves this by encrypting all communications: even if someone watches the traffic, they see only garbage.

Overview of Features
- Privacy of your data, via strong encryption.
- Integrity of communications, guaranteeing they have not been altered.
- Authentication, proof of identity by senders and receivers.
- Authorization, i.e., access control to databases.
- Forwarding or tunneling to encrypt other TCP/IP-based sessions.
SSH Protocol
SSH Client and Server Model (transport layer: key exchange)
1. Client and server agree on the group parameters p and g.
2. Client computes e = g^x mod p and sends SSH_MSG_KEXDH_INIT carrying e.
3. Server computes f = g^y mod p, K = e^y mod p and H = hash(V_C || V_S || I_C || I_S || K_S || e || f || K), then s = signature on H with its private host key. Server sends SSH_MSG_KEXDH_REPLY carrying K_S || f || s.
4. Client verifies that K_S really is the host key, computes K = f^x mod p and H = hash(V_C || V_S || I_C || I_S || K_S || e || f || K), and verifies the signature s on H.
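A runnable walk-through of steps 2 to 4, added here as an illustration and not part of the original slides: P, G and the RSA host key are constructed toy values (assumptions, far too small for real use), and the hash is SHA-256 over the slide's concatenation. It also makes the host-key check explicit: if K_S is not the key the client already knows, the exchange must be rejected before the signature is even considered.

```python
import hashlib
import secrets

# Constructed toy parameters (assumptions, not real SSH values): real SSH uses a
# 2048-bit or larger DH group and a real host key. P is a Mersenne prime and the
# host key is a small textbook RSA pair, enough to walk through the steps.
P = 2**127 - 1
G = 5
RSA_P, RSA_Q, RSA_E = 1000003, 999983, 65537
RSA_N = RSA_P * RSA_Q
RSA_D = pow(RSA_E, -1, (RSA_P - 1) * (RSA_Q - 1))   # host private key
K_S = RSA_N                                         # host public key sent in KEXDH_REPLY

def exchange_hash(v_c, v_s, i_c, i_s, k_s, e, f, k):
    """H = hash(V_C || V_S || I_C || I_S || K_S || e || f || K), as on the slide."""
    parts = [v_c, v_s, i_c, i_s] + [str(x).encode() for x in (k_s, e, f, k)]
    return hashlib.sha256(b"||".join(parts)).digest()

def kexdh(expected_host_key=K_S, v_c=b"SSH-2.0-client", v_s=b"SSH-2.0-server",
          i_c=b"KEXINIT-client", i_s=b"KEXINIT-server"):
    """Run steps 2-4 of the key exchange; expected_host_key plays the known-hosts entry."""
    # step 2: client picks x, computes e = g^x mod p, sends SSH_MSG_KEXDH_INIT(e)
    x = secrets.randbelow(P - 2) + 1
    e = pow(G, x, P)
    # step 3: server picks y, computes f, K and H, signs H with its private host key
    y = secrets.randbelow(P - 2) + 1
    f = pow(G, y, P)
    k_server = pow(e, y, P)
    h_server = exchange_hash(v_c, v_s, i_c, i_s, K_S, e, f, k_server)
    m = int.from_bytes(h_server, "big") % RSA_N          # toy RSA: sign H reduced mod n
    s = pow(m, RSA_D, RSA_N)
    # step 4: SSH_MSG_KEXDH_REPLY(K_S, f, s) arrives; the client first checks that
    # K_S is the host key it knows, then derives K and H itself and checks s on H
    host_ok = K_S == expected_host_key
    k_client = pow(f, x, P)
    h_client = exchange_hash(v_c, v_s, i_c, i_s, K_S, e, f, k_client)
    sig_ok = pow(s, RSA_E, RSA_N) == int.from_bytes(h_client, "big") % RSA_N
    return {"host_key_ok": host_ok, "signature_ok": sig_ok,
            "K_client": k_client, "K_server": k_server,
            "H_client": h_client, "H_server": h_server}
```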
SSH Client and Server Model (user authentication layer, using a password)
5. Client sends SSH_MSG_USERAUTH_REQUEST carrying the username, service, "password", FALSE and the plaintext password. The payload is sent together with a signature; the signature is the session identifier and the payload encrypted with the session key. The server checks whether the supplied password is acceptable for authentication and, if so, checks whether the signature is correct.
6. Server replies with SSH_MSG_USERAUTH_SUCCESS or SSH_MSG_USERAUTH_FAILURE.
7. Client requests the service if USERAUTH_SUCCESS was received.
Authentication by Cryptographic Key
- Before you can use public key authentication you need a key pair (a private key and a public key) and a secret passphrase. In the SSH system, ssh-keygen creates an RSA key pair and asks you for a secret passphrase to protect the private key; it then generates the public key.
- ssh-keygen then creates your local SSH directory and stores the private and public components of the generated key in two files, identity and identity.pub.

Authentication by Cryptography: Installing a Public Key on an SSH Server
- After creating the key pair on the local machine, install the public key into your account on the remote host. This is done by editing the file ~/.ssh/authorized_keys in the SSH configuration directory and appending your public key.
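A small helper for the authorized_keys step just described, added here as an example (it is not code from the slides or from any SSH distribution). It checks that the line is a well-formed OpenSSH public key before appending it, appends it only once, and sets the 0700/0600 modes that sshd's StrictModes expects; SAMPLE_KEY and the function names are constructed for the example.

```python
import base64
import os
import struct
import tempfile

# Constructed sample key line (assumption, not a real key): a syntactically valid
# ssh-ed25519 public key whose 32 key bytes are all zero, so it cannot log in anywhere.
SAMPLE_KEY = "ssh-ed25519 " + base64.b64encode(
    struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(32)
).decode() + " alice@laptop"

def parse_pubkey(line):
    """Return (type, base64 blob, comment) for an OpenSSH public-key line, else None."""
    fields = line.split(None, 2)
    if len(fields) < 2:
        return None
    ktype, b64 = fields[0], fields[1]
    try:
        blob = base64.b64decode(b64, validate=True)
    except ValueError:
        return None
    # the decoded blob starts with a length-prefixed string that repeats the key type
    if len(blob) < 4 or blob[4:4 + struct.unpack(">I", blob[:4])[0]] != ktype.encode():
        return None
    return ktype, b64, (fields[2].strip() if len(fields) == 3 else "")

def install_pubkey(ssh_dir, pubkey_line):
    """Append the key to ssh_dir/authorized_keys once, with permissions sshd accepts."""
    parsed = parse_pubkey(pubkey_line)
    if parsed is None:
        raise ValueError("not a valid OpenSSH public key line")
    os.makedirs(ssh_dir, mode=0o700, exist_ok=True)
    os.chmod(ssh_dir, 0o700)        # sshd's StrictModes rejects group/world-writable dirs
    path = os.path.join(ssh_dir, "authorized_keys")
    with open(path, "a+") as fh:    # "a+" lets us read what is there and append at the end
        fh.seek(0)
        added = parsed[:2] not in {p[:2] for p in map(parse_pubkey, fh) if p}
        if added:
            fh.write(pubkey_line.rstrip("\n") + "\n")
    os.chmod(path, 0o600)
    return added

def demo():
    """Install SAMPLE_KEY twice into a scratch .ssh directory and report the outcomes."""
    with tempfile.TemporaryDirectory() as tmp:
        ssh_dir = os.path.join(tmp, ".ssh")
        first, second = install_pubkey(ssh_dir, SAMPLE_KEY), install_pubkey(ssh_dir, SAMPLE_KEY)
        mode = os.stat(os.path.join(ssh_dir, "authorized_keys")).st_mode & 0o777
        return first, second, mode
```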
SSH AGENT
- An agent is a program that keeps private keys in memory and provides authentication services to SSH clients. If you preload an agent with private keys at the beginning of a login session, your SSH clients won't prompt for passphrases. To try the agent, type

$ ssh-agent $SHELL

where SHELL is the environment variable containing the name of your login shell.
- Once the agent is running, private keys are loaded into it with ssh-add:

$ ssh-add
SSH ARCHITECTURE
Architecture of an SSH system
- SSH has the following components:
  - Server
  - Client
  - Session
  - Keys
  - Known host database
  - Key generator
  - Agent
  - Signer
  - Random seed
  - Configuration file
All these components are required in an implementation of SSH.
Attacks: Threats SSH can prevent
- Man in the middle attack
- Eavesdropping
- Connection hijacking
- IP spoofing
Man in the middle attack (Alice, Trudy, Bob)
1. Alice requests an SSH connection with Bob.
2. Bob sends Bob's public key.
3. Trudy sends her public key instead of Bob's.
4. Alice gets the key for the first time, so she stores it as Bob's key.
5. Alice sends her username and password as plaintext inside the encrypted channel, which Trudy can decipher.
6. Trudy now has Alice's username and password!!
Spoofing Attack (Alice, Trudy)
1. Alice requests an SSH connection with Bob.
2. Trudy sends her public key, claiming to be Bob.
3. Alice gets the key for the first time, so she stores it as Bob's key.
4. Alice sends her username and password as plaintext inside the encrypted channel, which Trudy can decipher.
5. Trudy now has Alice's username and password!!
6. Trudy sends an authentication failure.
7. Alice sends her credentials again as plaintext in the encrypted channel.
8. Trudy sends another authentication failure and disconnects.
9. Alice thinks she must have entered incorrect passwords!!
Installation and Configuration
- Extracting the files

$ gunzip ssh-1.2.27.tar.gz
$ tar xvf ssh-1.2.27.tar

The result is a new subdirectory containing all files in the distribution.
- Verifying with PGP

$ pgp ssh-1.2.27.tar.gz

If no warning messages are produced, the distribution file is genuine.

- Building and Installing SSH1
1. Run the supplied configure script: $ ./configure
2. Compile everything: $ make
3. Install everything: become root with $ su root and run make install
4. Create the known hosts file: $ make-ssh-known-hosts

- Compile-time configuration
The configure script accepts command-line flags: --with/--without flags and --enable/--disable flags include or exclude a package during compilation. Examples:
1. Installation files and directories: $ ./configure --prefix=/usr/local/ssh
2. TCP/IP support: $ ./configure --disable-tcp-nodelay

- X Window support: $ ./configure --without-x
- Encryption and ciphers: $ ./configure --without-blowfish
- Authentication: $ ./configure --enable-kerberos-tgt
SSH1 AND SSH2 DIFFERENCES
- Protocol structure. SSH2: separate transport, authentication and connection protocols. SSH1: one monolithic protocol.
- Session channels. SSH2: any number of session channels per connection. SSH1: exactly one session channel per connection.
- Public key certificates. SSH2: supported. SSH1: not supported.
- Integrity check. SSH2: strong cryptographic integrity check. SSH1: weak CRC32 integrity check.
- Session keys. SSH2: periodic replacement of session keys. SSH1: no way to change the key for a session.
- Authentication. SSH2: authentication is more flexible. SSH1: the client tries a fixed sequence of authentication methods.
Conclusion: Threats SSH can't prevent
- IP and TCP attacks
- Traffic analysis
- Covert channels
- Carelessness