ssh secure shell from: //en.wikipedia.org/wiki/ssh

53
SSH Secure Shell From: http://en.wikipedia.org/wiki/Ss h

Upload: evelyn-dalton

Post on 15-Jan-2016

296 views

Category:

Documents


0 download

TRANSCRIPT

Page 1: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SSH

Secure Shell

From: http://en.wikipedia.org/wiki/Ssh

Page 2: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SSH

Secure Shell (SSH) Network protocol

Allows data to be exchanged over a secure channel between two computers

Encryption provides confidentiality and integrity of data

SSH uses public-key cryptography to authenticate the remote computer

Allows the remote computer to authenticate the user, if necessary

Page 3: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SSH

Typically used to log into a remote machine and execute commands Supports tunneling

Forwards arbitrary TCP ports and X11 connections

Can transfer files using the associated SFTP or SCP protocols

Page 4: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SSH

An SSH server Listens on the TCP port 22 (default) ssh client program typically used for

establishing connections to an sshd daemon accepting remote connections.

Both typically present on operating systems Mac OS X, Linux, Solaris, OpenVMS, …

Proprietary, freeware and open source versions of various levels of complexity and completeness exist

Page 5: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

History

Page 6: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

History

SSH-1 1995: Tatu Ylönen designed the first version of the protocol

(SSH-1) Prompted by a password-sniffing attack at his university’s network Goal of SSH was to replace the earlier rlogin, TELNET and rsh protocols

Did not provide strong authentication or guarantee confidentiality Ylönen released his implementation as freeware in July 1995

Tool quickly gained in popularity Towards the end of 1995, the SSH user base had grown to 20,000 users

in fifty countries. December 1995: Ylönen founded

SSH Communications Security to market and develop SSH. Original version of the SSH software used various pieces of free software

such as GNU libgmp Later versions released by SSH Secure Communications evolved into

increasingly proprietary software

Page 7: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

History

SSH-2 1996: SSH-2 designed

incompatible with SSH-1. SSH-2 featured both security and feature improvements

over SSH-1 Better security through Diffie-Hellman key exchange Strong integrity checking via message authentication

codes New features of SSH-2 included the ability to run any

number of shell sessions over a single SSH connection

Page 8: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

History

1999: developers wanted a free software version Went back to the 1.2.12 release of the original ssh

program Last released under an open source license

Björn Grönvall's OSSH developed from this codebase

OpenBSD developers forked Björn's code Extensive work done Created OpenSSH

Shipped with the 2.6 release of OpenBSD “Portability" branch was formed to port OpenSSH to

other operating systems It is estimated that, at the end of 2000, there were

2,000,000 users of SSH

Page 9: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

History

As of 2005 OpenSSH is the single most popular ssh

implementation The default in a large number of operating systems. OSSH meanwhile has become obsolete

In 2006, SSH-2 protocol became a proposed Internet standard Publication by the IETF "secsh" working group of RFCs

Page 10: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

Uses of SSH

Page 11: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SSH is most commonly used:

Page 12: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

Uses of SSH:

With an SSH client that supports terminal protocols Remote administration

Of the SSH server computer Via terminal (character-mode) console

Can be used as an alternative to a terminal on a headless server

In combination with SFTP, as a secure alternative to FTP Can be set up more easily on a small scale without a

public key infrastructure and X.509 certificates In combination with rsync to backup, copy and mirror

files efficiently and securely In combination with SCP

A secure alternative for rcp file transfers More often used in environments involving Unix

Page 13: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

Uses of SSH

For port forwarding or tunneling Frequently as an alternative to a full-fledged VPN

A (non-secure) TCP/IP connection of an external application is redirected to the SSH program (client or server)

Forwards it to the other SSH party (server or client) In turn forwards the connection to the desired destination host

Forwarded connection is encrypted and protected on the path between the SSH client and server only

Uses of SSH port forwarding include accessing database servers, email servers, securing X11, Windows Remote Desktop and VNC connections or even forwarding Windows file shares

Primarily useful for tunneling connections through firewalls Ordinarily block that type of connection Encrypting protocols which are not normally encrypted (e.g.

VNC).

Page 14: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

Uses of SSH

ssh and rdesktop. Three computers

The computer that will run rdesktop and ssh A computer used to obtain access to a remote network The computer you want rdesktop to display.

"ssh -L3389:mytarget.mycompany.net:3389 sshtarget.mycompany.net" log into the middle computer and do nothing on it Open another shell from the first computer running ssh and

type rdesktop localhost. This example uses the middle computer to port forward 3389 from

the end computer to the first computer. If on Windows, run ssh using another local port, e.g.

"ssh -L3390:mydesktop.mycompany.net:3389 sshserver.mycompany.net".

Start the native Windows Remote Desktop client and type localhost:3390 to remote into "mydesktop.mycompany.net"

Page 15: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

Uses of SSH

Log into one machine from your local host Login from there to another machine Run an X application (eg. xterm, matlab) on the last machine

to display on your local display This is especially useful for running X applications on a

department host from off campus Had to connect through another department host which is

available for ssh login through the campus firewall Channel the X-window through a series of logins back to the

host at which you are sitting Best way to do this is to make use of the X11-forwarding

feature of ssh For unix/linux to unix/linux, force an X11-forwarding request with

the '-X' option (capitalized x). ssh -X host.com

Page 16: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

Uses of SSH

X11-forwarding for through multiple hosts ssh -X hostA.com → ssh -X hostB.com → ssh -X hostC.com ensure the tunnel is working every step of the way by running something like xterm on host B then C. If this does not work the -Y may be needed. ssh -X -Y hostA.com → ssh -X -Y hostB.com → ssh -X -Y hostC.com

with an SSH client that supports dynamic port forwarding (presenting to other programs a SOCKS or HTTP 'CONNECT' proxy interface), SSH can even be used for generally browsing the web through an encrypted proxy connection, using the SSH server as a proxy

Page 17: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

Uses of SSH

with an SSH client that supports SSH exec requests (frequently embedded in other software, e.g. a network monitoring program), for automated remote monitoring and management of servers.

Using just a normal ssh login on a server SSH Filesystem can securely mount a

directory on the server as a filesystem on the local computer

Page 18: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SSH architecture

Page 19: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SSH architecture

The SSH-2 protocol has a clean internal architecture with well-separated layers: Transport Layer User Authentication Layer Connection Layer

Defined in RFC 4251

Page 20: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SSH architecture –Transport Layer

The transport layer (RFC 4253) This layer handles initial key exchange and

server authentication and sets up encryption, compression and integrity verification.

It exposes to the upper layer an interface for sending and receiving plaintext packets of up to 32,768 bytes each (more can be allowed by the implementation)

The transport layer also arranges for key re-exchange

Usually after 1 GB of data has been transferred After 1 hour has passed Whichever is sooner

Page 21: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SSH architecture – User Authentication Layer

The user authentication layer (RFC 4252) This layer handles client authentication and

provides a number of authentication methods. Authentication is client-driven

Commonly misunderstood by users When one is prompted for a password, it may be

the SSH client prompting, not the server The server merely responds to client's

authentication requests

Page 22: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SSH architecture – User Authentication Layer

Widely used user authentication methods include the following: "password" "publickey" "keyboard-interactive" (RFC 4256) GSSAPI authentication

Page 23: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SSH architecture – User Authentication Layer

"password“ A method for straightforward password

authentication Includes a facility allowing a password to be

changed This method is not implemented by all

programs

Page 24: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SSH architecture – User Authentication Layer

"publickey“ a method for public key-based

authentication Usually supporting at least DSA or RSA

keypairs Other implementations also supporting X.509

certificates

Page 25: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SSH architecture – User Authentication Layer

"keyboard-interactive" (RFC 4256) The server sends one or more prompts to enter

information The client displays them and sends back

responses keyed-in by the user Used to provide one-time password authentication

such as S/Key or SecurID. Used by some OpenSSH configurations when

PAM is the underlying host authentication provider to effectively provide password authentication

Sometimes leads to inability to log in with a client that supports just the plain "password" authentication method

Page 26: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SSH architecture – User Authentication Layer

GSSAPI authentication methods Provide an extensible scheme to perform

SSH authentication using external mechanisms such as Kerberos 5 or NTLM, providing single sign on capability to SSH sessions.

These methods are usually implemented by commercial SSH implementations for use in organizations, though OpenSSH does have a working GSSAPI implementation.

Page 27: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SSH architecture – Connection Layer

The connection layer (RFC 4254). This layer defines the concept of channels,

channel requests and global requests using which SSH services are provided.

A single SSH connection can host multiple channels simultaneously, each transferring data in both directions.

Channel requests are used to relay out-of-band channel specific data, such as the changed size of a terminal window or the exit code of a server-side process

The SSH client requests a server-side port to be forwarded using a global request

Page 28: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SSH architecture – Connection Layer

Standard channel types include: "shell" for terminal shells, SFTP and exec

requests (including SCP transfers) "direct-tcpip" for client-to-server forwarded

connections "forwarded-tcpip" for server-to-client forwarded

connections

Page 29: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SSH architecture

The open architecture provides considerable flexibility Allows SSH to be used for a variety of

purposes beyond secure shell The functionality of the transport layer alone is

comparable to TLS User authentication layer is highly extensible with

custom authentication methods; Connection layer provides the ability to multiplex

many secondary sessions into a single SSH connection

a feature comparable to BEEP and not available in TLS

Page 30: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

Security cautions

Page 31: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

Security cautions

SSH-1 has inherent design flaws which make it vulnerable to, e.g., man-in-the-middle attacks Now generally considered obsolete

Should be avoided by explicitly disabling fallback to SSH-1

Most modern servers and clients support SSH-2 Some organizations still use software with no

support for SSH-2 SSH-1 cannot always be avoided

Page 32: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

Security cautions

In all versions of SSH Important to verify unknown public keys before

accepting them as valid Accepting an attacker's public key as a valid

public key has the effect of disclosing the transmitted password and allowing man in the middle attacks

Page 33: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

Security cautions

As with any encrypted protocol: SSH can be considered a security risk by

companies or governments who do not trust their users

Wish to eavesdrop on their communications Furthermore SSH has built in tunneling

features which make it easier for users to achieve passage of large volumes of information or to establish an entry point for unauthorized inward access over a SSH link than with other protocols

Page 34: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

How SSH uses public-key cryptography

Page 35: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

How SSH uses public-key cryptography (with analogy) First, a pair of cryptographic keys is generated.

One is the private key, the other is the public key. As an analogy, they can be thought of as a matching private-

key and a public padlock. The public padlock is what is installed on the remote machine

Used by ssh to authenticate users using the matching private key As a user of the system, don’t care who can see or copy the

padlock (ie the public key) Only the secret private key fits it

The private key is the part you keep secret inside a secure box Can only be opened with the correct passphrase

When the user wants to access a remote system opens the secure box with his passphrase uses the private-key to authenticate him with the padlock on the

remote computer Neither the passphrase nor the private key leave the user's

machine. However, the user still needs to trust the local machine not to

scrape his passphrase or copy his private-key while it's out of the secure box.

Page 36: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SCP

http://en.wikipedia.org/wiki/Secure_copy

Page 37: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SCP

Secure Copy A means of securely transferring computer

files using the Secure Shell (SSH) protocol between a local computer and a remote host between two remote hosts

SCP can refer to two related things: SCP protocol SCP program

Page 38: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SCP protocol

The SCP protocol is similar to the BSD rcp protocol Unlike rcp, data is encrypted during transfer

Avoid potential packet sniffers extracting usable information from the data packets

The protocol itself does not provide authentication and security

Relies on the underlying protocol, SSH, to provide these features

Page 39: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SCP protocol

SCP can interactively request any passwords or passphrases required to make a connection to a remote host Unlike rcp which fails in this situation

The SCP protocol implements file transfers only It does so by connecting to the host using

SSH and there executes an SCP server (scp) The SCP server program is typically the same

program as the SCP client

Page 40: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SCP protocol

For upload, the client feeds the server with files to be uploaded Optionally including their basic attributes

Permissions Timestamps

This is an advantage over the common FTP protocol

Does not have provision for uploads to include the original date/timestamp attribute

Page 41: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SCP protocol

For downloads, the client sends a request for files or directories to be downloaded Server feeds the client with its subdirectories

and files Download is server-driven

Imposes a security risk when connected to a malicious server

Page 42: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SCP protocol

For most applications, the SCP protocol is superseded by the more comprehensive SFTP protocol Also based on SSH

Page 43: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SCP program

A client implementing the SCP protocol A program to perform secure copying

The most widely used SCP client is the command line scp program Provided in most SSH implementations scp program is the secure analog of the rcp

command scp program must be part of all SSH servers

that want to provide SCP service scp functions as SCP server too

Page 44: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SCP program

Some SSH implementations provide the scp2 program Uses the SFTP protocol instead of SCP Provides the very same command line

interface as scp scp is then typically a symbolic link to scp2

Typically, a syntax of scp program is like the syntax of cp: scp SourceFile user@host:directory/TargetFile

scp user@host:folder/SourceFile TargetFile

Page 45: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SCP program

As the SCP protocol implements file transfers only, GUI SCP clients are rare Implementing it requires additional functionality

Directory listing at least For example, WinSCP defaults to the SFTP protocol. Even when operating in SCP mode, clients like WinSCP are typically

not pure SCP clients They must use other means to implement the additional functionality This in turn brings platform-dependency problems

Thus it may not be possible to work with a particular SCP server using a GUI SCP client

Even if you are able to work with the same server using a traditional command line client

More comprehensive tools for managing files over SSH are SFTP clients

Page 46: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SFTP

http://en.wikipedia.org/wiki/SSH_file_transfer_protocol

Page 47: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SFTP

SSH File Transfer Protocol A network protocol that provides file transfer

and manipulation functionality over any reliable data stream

It is typically used with the SSH-2 protocol (TCP port 22) to provide secure file transfer

Intended to be usable with other protocols as well

Page 48: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

Capabilities

The SFTP protocol allows for a range of operations on remote files It is more like a remote file system protocol An SFTP client's extra capabilities compared

to an SCP client include: Resuming interrupted transfers Directory listings Remote file removal.

For the same reason it is reasonable to implement a GUI SFTP client, but not a GUI SCP client

Page 49: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

Capabilities

SFTP attempts to be more platform-independent than SCP With SCP, the expansion of wildcards specified by the

client was up to the server SFTP's design avoids this problem While SCP was most frequently implemented on Unix

platforms, there exist SFTP servers for most platforms A common misconception is that SFTP is simply FTP

run over SSH In fact it is a new protocol designed from the ground up

by the IETF SECSH working group. It is sometimes confused with Simple File Transfer

Protocol.

Page 50: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

Capabilities

The protocol itself does not provide authentication and security It expects the underlying protocol to secure this SFTP is most often used as subsystem of SSH

protocol version 2 implementations Designed by the same working group

However, it is possible to run it over SSH-1 or other data streams

Running SFTP server over SSH-1 is not platform independent as SSH-1 does not support the concept of subsystems

An SFTP client willing to connect to an SSH-1 server needs to know the path to the SFTP server binary on the server side

Page 51: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

Capabilities

The Secure Internet Live Conferencing (SILC) protocol defines the SFTP as its default file transfer protocol In SILC the SFTP data is not protected with SSH but

SILC's secure packet protocol Used to encapsulate the SFTP data into SILC packet Deliver it peer-to-peer

SFTP is designed to be protocol independent. For uploads, the transferred files may be associated

with their basic attributes, such as timestamps An advantage over the common FTP protocol

Does not have provision for uploads to include the original date/timestamp attribute

Page 52: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

Standardization

The protocol is not yet an Internet standard. The latest specification is an expired Internet Draft

Defines version 6 of the protocol Currently the most widely used version is 3,

implemented by the popular OpenSSH SFTP server. Many Microsoft Windows-based SFTP

implementations use version 4 of the protocol, which lessened its ties with the Unix platform

The Internet Engineering Task Force (IETF) "Secsh Status Pages" search tool contains links to all versions of the Internet draft-ietf-secsh-filexfer which describes this protocol

Page 53: SSH Secure Shell From: //en.wikipedia.org/wiki/Ssh

SFTP client

The term SFTP can also refer to Secure file transfer program A command-line program Implements the client part of this protocol

Such as that supplied with OpenSSH The sftp program provides an interactive interface

Similar to that of traditional FTP clients Some implementations of the scp program actually

use the SFTP protocol to perform file transfers Some such implementations are still able to fallback to

the SCP protocol if the server does not provide SFTP service