SSH

Comprehensive Guide to SSH

SSH (Secure SHell; see abbreviationfinder) is the name of a protocol and the program that implements it, and is used to access remote machines over a network. It allows you to completely manage the computer through a command interpreter, and it can also redirect X traffic to be able to run graphical programs if we have an X Server (on Unix and Windows systems) running.

In addition to connecting to other devices, SSH allows us to safely copy data (both individual files and simulate encrypted FTP sessions), manage RSA keys to avoid writing keys when connecting to devices and pass data from any other application through a channel tunnelled secure using SSH.

Security

SSH works in a similar way to how it is done with telnet.The main difference is that SSH uses encryption techniques that make the information that travels through the communication medium go unreadable and no third person can discover the username and password of the connection or what is written during the entire session; although it is possible to attack this type of system through REPLAY attacks and thus manipulate the information between destinations.

History

At first there were only r-commands, which were based on the rlogin program, which works in a similar way to telnet.

The first version of the protocol and the program were free and were created by a Finn named Tatu Ylönen, but his license was changing and the company SSH Communications Security ended up appearing, which offered it free for home and academic use, but demanded payment from other companies.. In 1997 (two years after the first version was created) it was proposed as a draft in the IETF.

At the beginning of 1999 a version began to be written that would become the free implementation par excellence, that of OpenBSD, called OpenSSH.

Authentication

Password authentication

SSH allows to authenticate a user using their ordinary Unix password . The only (and important) difference is that the password never travels clearly on the network. If we use SSH to replace telnet, rlogin or ftp, we will avoid the danger of our password being captured by possible ” sniffers ” on the network.

On the other hand, we will continue to be vulnerable to so-called “dictionary attacks” against the password: if an attacker has access to the / etc / passwd file, it is not difficult to find passwords formed from words that can appear in a dictionary. This means that it is still extremely important that the administrator properly protect the / etc / passwd file and that users use “strong” passwords (as random as possible, combining uppercase, lowercase, digits, and punctuation).

Public key authentication

The second authentication alternative uses a public / private key scheme, also known as an asymmetric key. In this scheme a key pair is used:

  1. A public key, which is copied to all the servers we want to connect to.
  2. A private key, which only we own; For added security, this key is encrypted with a passphrase.

These two keys have an important characteristic: a text encrypted with the public key can only be decrypted using the private key, while a text encrypted with the private key can only be decrypted using the public key.

Let’s see how this property applies to the authentication process:

  1. The server sends us a message, which we must return encrypted with our private key.
  2. The server decrypts the response message with our public key.
  3. The server compares the resulting message with the original text; if they match, the server considers us duly authenticated

Of course, this whole process is transparent to the user; we will only have to worry about typing the passphrase when the program asks for it. The weakest point of this scheme is how to get our public key to the server. At the moment there is no automatic way to do it, and there is no other way than to do it by hand.

The main advantage of this authentication method is that, even if an attacker managed to compromise the server, he could only gain access to our public key, but never to our private key. In any case, in order to prevent a possible compromise of the client, it is necessary that the private key is protected with a suitable passphrase. In this way, no one will be able to use it even if they somehow manage to get hold of it.

In the case of connecting from a Unix machine, a secondary advantage is that an authentication agent can be used to avoid having to type the passphrase on each connection.

The biggest drawback to public key authentication is the pre-setup phase, which can be somewhat cumbersome. The steps to follow are:

  1. Generation of the keys.
  2. Propagation of the public key.
  3. Key pair selection

Connecting to a remote server

To connect to a remote SSH server from a Unix / Linux client we can open a console and type:

$ ssh name.machine.com

If we want to connect as root on the remote server, but we are on the client as other users, we can type:

$ ssh -l root hostname.com

SSH

About the author