what is ssh and how to use it ?

what is ssh and how to use it?

Chapter 20. SSH Protocol

SSH ™ (or S secure SH ell) is a protocol which facilitates secure communications between two systems using a client/server architecture and allows users to connect to a remote host. Unlike other remote communication protocols such as FTP or Telnet, SSH encrypts the connection session, making it impossible for anyone to obtain unencrypted passwords.

SSH is designed to replace older, less secure methods for remotely registering to another system through command shell, such as telnet or rsh . A related program, SCP , replace other programs designed to copy files between hosts such as rcp. Because these old applications do not encrypt passwords between the client and the server, avoid using them as long as possible. Using secure methods to remotely register to other systems reduces security risks for both the client system and the remote system.

20.1. SSH Features

The SSH protocol provides the following types of protection:

After the initial connection, the client can verify that it is connecting to the same server to which it was previously connected.

The client transmits its authentication information to the server using robust 128-bit encryption.

All data sent and received during the session is transferred via 128-bit encryption, which makes them extremely difficult to decipher and read.

The client has the possibility to forward X11 applications [1] from the server. This technique, called X11 forwarding, provides a secure means for using graphical applications over a network.

Since the SSH protocol encrypts everything it sends and receives, it can be used to secure unsafe protocols. The SSH server can be converted into a conduit to make unsafe protocols secure by using a technique called port forwarding, such as POP, increasing overall system and data security.

Red Hat Enterprise Linux contains the general OpenSSH package ( OpenSSH ) as well as OpenSSH ( OpenSSH-server ) and client ( OpenSSH-clients ) packages . Refer to the chapter entitled OpenSSH in the Red Hat Enterprise Linux System Administration Guide for instructions on installing and developing OpenSSH. Note that OpenSSH packages require the OpenSSL ( OpenSSL ) package . OpenSSL installs several important cryptographic libraries, allowing OpenSSH to provide encrypted communications.

20.1.1. Why use SSH?

Neighbor users have a variety of tools at their disposal that allow them to intercept and redirect network traffic to gain access to the system. In general terms, these threats can be categorized as follows:

Interception of communication between two systems - In this scenario, there is a third somewhere in the network between entities in communication that makes a copy of the information that passes between them. The intercepting party may intercept and retain the information, or may modify the information and then send it to the vessel for which it was intended.

This attack can be mounted through the use of a sniffer packet - a very common network utility.

A personification of a particular host - With this strategy, an interceptor system pretends to be the recipient to which a message is destined. If the strategy works, the user's system does not realize the cheating and continues communication with the wrong host.

This occurs with techniques such as DNS poisoning [2] or IP spoofing [3] .

Both techniques intercept potentially confidential information and if this interception is performed for hostile purposes, the result can be catastrophic.

If SSH is used for remote shell logons and for copying files, these threats can be significantly reduced to security. This is because the SSH client and the server use digital signatures to verify their identity. In addition, all communication between client and server systems is encrypted. The attempts to falsify the identity of either side of the communication will be of no use since each packet is encrypted by means of a key known only by the local and remote system.

Notes

[1]X11 refers to the X11R6.7 window view system, traditionally called X Window System or simply X. Red Hat Enterprise Linux contains XFree86, an open source X Window System.

[2]DNS poisoning occurs when an attacker enters the DNS server, pointing systems to intentionally duplicate hosts.

[3]IP spoofing occurs when an attacker sends out network packets that appear to come from trusted hosts on the network.

Tweet

Subscribe to receive free email updates: