(SSH
(SSH -- Secure
Secure SHell)
SHell)
Silvio C. Sampaio
silviocs@fe.up.pt
Doctoral Programme in Informatics Engineering
PRODEI011 - Computer Systems Security 2009/10
Outline
Overview
Protocol details
Experiments
References
Source: Daniel J. Barrett, Richard E. Silverman, and Robert G. Byrnes SSH: The Secure Shell
(The Definitive Guide), O'Reilly 2005 (2nd edition).
PRODEI011 - Computer Systems Security 2009/10
Silvio C. Sampaio
Methods:
For Server authentication:
Public-Key Authentication
Certificate Authentication
Password Authentication
Public-Key Authentication
Host-Based Authentication
Certificate Authentication
Kerberos Authentication
Pluggable Authentication Module (PAM)
SecurID
Source: Daniel J. Barrett, Richard E. Silverman, and Robert G. Byrnes SSH: The Secure Shell
(The Definitive Guide), O'Reilly 2005 (2nd edition).
PRODEI011 - Computer Systems Security 2009/10
Silvio C. Sampaio
Source: Daniel J. Barrett, Richard E. Silverman, and Robert G. Byrnes SSH: The Secure Shell
(The Definitive Guide), O'Reilly 2005 (2nd edition).
PRODEI011 - Computer Systems Security 2009/10
Silvio C. Sampaio
10
Source: Daniel J. Barrett, Richard E. Silverman, and Robert G. Byrnes SSH: The Secure Shell
(The Definitive Guide), O'Reilly 2005 (2nd edition).
PRODEI011 - Computer Systems Security 2009/10
Silvio C. Sampaio
11
12
13
IDEA
RC4
DES
(Blowfish)
SSH1
OpenSSH
SSH-2 Ciphers
3DES
Blowfish
Twofish
CAST-128
IDEA
RC4
SSH2
F-Secure
SSH2
OpenSSH
x : The implementation supports the algorithm and is included in the default build.
o : The implementation supports the algorithm, but it isn't included in the default build
(it must be specifically enabled when compiling).
- : The implementation doesn't support the algorithm.
14
Cliente(known_hosts) +=
Server(ssh_host_rsa_key.pub)
15
Windows client:
XServer is needed (e.g.
Xming)
Some applications (e.g.
PuTTy) has especific
configurations (but you
can always use the
comand export
DISPLAY=Client_IP)
PRODEI011 - Computer Systems Security 2009/10
Silvio C. Sampaio
16
17
18
19
20
sftp ssampaio@192.168.0.11
Once you are connected:
21
References
1.
2.
3.
4.
22
Thank you!
Any Questions?
Silvio C. Sampaio
silviocs@fe.up.pt
23