SSH: Secure Shell (and friends)
From: http://en.wikipedia.org/wiki/Ssh

  • Slides: 58

SSH
• Secure Shell (SSH)
• Network protocol
  ◦ Allows data to be exchanged over a secure channel between two computers
  ◦ Encryption provides:
    ▪ Confidentiality
    ▪ Integrity of data
• SSH uses public-key cryptography to authenticate the remote computer
  ◦ Allows the remote computer to authenticate the user, if necessary
• Two programs needed:
  ◦ ssh – ssh on the "client"
  ◦ sshd – ssh daemon on the "server"

SSH
• Used to log into a remote machine and execute commands
• Supports tunneling
  ◦ Forwards arbitrary TCP ports and X11 connections
• Basis for other secure protocols
  ◦ Transferring files: SFTP, SCP
  ◦ Used by VPNs
  ◦ Secure remote mounting of file systems

SSH
• An SSH server
  ◦ Listens on TCP port 22 (default)
• ssh clients connect to ssh daemons
  ◦ ssh clients establish connections
  ◦ sshd daemons accept remote connections
    ▪ Both typically available for current OSs (Mac OS X, Linux, Solaris, OpenVMS, …)
    ▪ Server and client versions for Windows available also
• Proprietary, freeware and open source versions of various levels of complexity and completeness exist

HISTORY

History
• SSH-1
  ◦ 1995: Tatu Ylönen designed the first version of the protocol (SSH-1)
    ▪ Prompted by a password-sniffing attack at his university's network
    ▪ Goal of SSH was to replace the earlier rlogin, TELNET and rsh protocols, which did not provide strong authentication or guarantee confidentiality
    ▪ Ylönen released his implementation as freeware in July 1995; the tool quickly gained in popularity
    ▪ Towards the end of 1995, the SSH user base had grown to 20,000 users in fifty countries
    ▪ December 1995: Ylönen founded SSH Communications Security to market and develop SSH
  ◦ Original version of the SSH software used various pieces of free software, such as GNU libgmp
  ◦ Later versions released by SSH Secure Communications evolved into increasingly proprietary software

History
• SSH-2
  ◦ 1996: SSH-2 designed, incompatible with SSH-1
  ◦ SSH-2 featured both security and feature improvements over SSH-1
    ▪ Better security through Diffie-Hellman key exchange
    ▪ Strong integrity checking via message authentication codes
  ◦ New features of SSH-2 included the ability to run any number of shell sessions over a single SSH connection

History
• 1999: developers wanted a free software version
  ◦ Went back to the 1.2.12 release of the original ssh program, the last released under an open source license
  ◦ Björn Grönvall's OSSH developed from this codebase
  ◦ OpenBSD developers forked Björn's code
    ▪ Extensive work done
    ▪ Created OpenSSH, shipped with the 2.6 release of OpenBSD
  ◦ "Portability" branch was formed to port OpenSSH to other operating systems
• At the end of 2000
  ◦ Estimated 2,000 users of SSH

History
• As of 2005
  ◦ OpenSSH is the single most popular ssh implementation
  ◦ Default in a large number of operating systems
  ◦ OSSH has become obsolete
• SSH-2 protocol
  ◦ Became a proposed Internet standard in 2006
  ◦ Publication by the IETF "secsh" working group of RFCs

Uses of SSH

MOST COMMON SSH USES:

Uses of SSH:
• SSH client supporting terminal protocols
  ◦ Remote administration of the SSH server computer
  ◦ Via terminal (character-mode) console
  ◦ Used as an alternative to a terminal on a headless server
• SSH with SFTP
  ◦ Secure alternative to FTP
  ◦ Can be set up more easily on a small scale without a public key infrastructure and X.509 certificates
• SSH with rsync
  ◦ Backup, copy and mirror files efficiently and securely
• SSH with SCP
  ◦ Secure alternative for rcp file transfers
  ◦ More often used in environments involving Unix

Uses of SSH
• Port forwarding or tunneling
  ◦ Frequently used as an alternative to a full-fledged VPN
  ◦ A (non-secure) TCP/IP connection of an external application is redirected to the SSH program (client or server)
    ▪ Forwards it to the other SSH party (server or client)
    ▪ Which in turn forwards the connection to the desired destination host
  ◦ Forwarded connection is encrypted and protected on the path between the SSH client and server only
  ◦ Uses of SSH port forwarding include accessing database servers, email servers, securing X11, Windows Remote Desktop and VNC connections, or even forwarding Windows file shares
  ◦ Primarily useful for tunneling connections through firewalls, which ordinarily block that type of connection
  ◦ Encrypting protocols which are not normally encrypted, e.g. VNC

Uses of SSH
• Log into one machine from your local host, then log in from there to another machine
• Run an X application (e.g. xterm, matlab) on the last machine to display on your local display
  ◦ Especially useful for running X applications on a department host from off campus
  ◦ Had to connect through another department host which is available for ssh login through the campus firewall
  ◦ Channel the X window through a series of logins back to the host at which you are sitting
• Best way to do this is to make use of the X11-forwarding feature of ssh
  ◦ For unix/linux to unix/linux, force an X11-forwarding request with the '-X' option (capitalized x): ssh -X host.com

Uses of SSH
• X11-forwarding through multiple hosts
  ◦ ssh -X hostA.com → ssh -X hostB.com → ssh -X hostC.com
  ◦ Ensure the tunnel is working every step of the way by running something like xterm on host B, then C
  ◦ If this does not work, the -Y option may be needed: ssh -X -Y hostA.com → ssh -X -Y hostB.com → ssh -X -Y hostC.com
• Use an SSH client that supports dynamic port forwarding (presenting to other programs a SOCKS or HTTP 'CONNECT' proxy interface)
  ◦ SSH can be used to generally browse the web through an encrypted proxy connection
  ◦ Use the SSH server as a proxy

Uses of SSH
• Automated remote monitoring and management of servers with an SSH client that supports SSH exec requests
  ◦ Frequently embedded in other software, e.g. a network monitoring program
• SSH file system
  ◦ Securely mount a directory on the server
  ◦ Acts as a filesystem on the local computer
  ◦ Uses a normal ssh login on the server

SSH ARCHITECTURE

SSH architecture
• The SSH-2 protocol has a clean internal architecture with well-separated layers:
  ◦ Transport Layer
  ◦ User Authentication Layer
  ◦ Connection Layer
• Defined in RFC 4251

TRANSPORT LAYER

SSH architecture – Transport Layer
• The transport layer (RFC 4253)
  ◦ Handles initial key exchange and server authentication
  ◦ Sets up:
    ▪ Encryption
    ▪ Compression
    ▪ Integrity verification
  ◦ Exposes to the upper layer an interface for sending and receiving plaintext packets of up to 32,768 bytes each
    ▪ More can be allowed by the implementation
  ◦ Transport layer also arranges for key re-exchange
    ▪ After 1 GB of data has been transferred, or
    ▪ After 1 hour has passed
    ▪ Whichever is sooner
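The packet format the transport layer exchanges once keys are set up, as an added example (not code from the slides or from any SSH implementation): it frames a payload the way RFC 4253 describes, validates the length fields of an incoming packet against the 32,768/35,000-byte limits before trusting them, and tracks the 1 GB / 1 hour rekey rule. The MAC and the encryption itself are left out; block_size stands in for the negotiated cipher's block size.

```python
import os
import struct
from typing import Tuple

MAX_PAYLOAD = 32768   # uncompressed payload every implementation must accept (RFC 4253 s6.1)
MAX_PACKET = 35000    # total packet size every implementation must accept


def frame_packet(payload: bytes, block_size: int = 8) -> bytes:
    """Wrap one payload in the SSH binary packet format (RFC 4253 s6), MAC omitted.

    uint32 packet_length | byte padding_length | payload | random padding
    packet_length counts everything after itself; packet_length + 4 must be a multiple
    of the cipher block size (minimum 8); padding is at least 4 and at most 255 bytes."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload larger than 32768 bytes")
    block = max(block_size, 8)
    padding = block - (5 + len(payload)) % block     # 5 = 4 length bytes + 1 padding byte
    if padding < 4:
        padding += block
    packet_length = 1 + len(payload) + padding
    return struct.pack(">IB", packet_length, padding) + payload + os.urandom(padding)


def parse_packet(data: bytes, block_size: int = 8) -> Tuple[bytes, bytes]:
    """Take one packet off the front of data and return (payload, rest).
    Every length field is validated against the RFC limits before it is used."""
    if len(data) < 5:
        raise ValueError("need at least 5 bytes")
    packet_length, padding = struct.unpack(">IB", data[:5])
    if packet_length + 4 > MAX_PACKET:
        raise ValueError("packet_length exceeds 35000 bytes")
    if padding < 4 or padding >= packet_length:
        raise ValueError("invalid padding_length")
    if (packet_length + 4) % max(block_size, 8):
        raise ValueError("packet not aligned to the cipher block size")
    end = 4 + packet_length
    if len(data) < end:
        raise ValueError("truncated packet")
    return data[5:end - padding], data[end:]


def is_well_formed(data: bytes, block_size: int = 8) -> bool:
    """True when parse_packet accepts the bytes as one complete, RFC-conformant packet."""
    try:
        parse_packet(data, block_size)
        return True
    except ValueError:
        return False


class RekeyPolicy:
    """The re-exchange rule the slide states (RFC 4253 s9): rekey after 1 GB of data
    or 1 hour of connection time, whichever comes first. Times are in seconds."""

    def __init__(self, start_time: float, byte_limit: int = 1 << 30,
                 second_limit: float = 3600.0):
        self.start, self.byte_limit, self.second_limit = start_time, byte_limit, second_limit
        self.transferred = 0

    def record(self, nbytes: int) -> None:
        self.transferred += nbytes          # count bytes in both directions

    def rekey_due(self, now: float) -> bool:
        return (self.transferred >= self.byte_limit
                or now - self.start >= self.second_limit)
```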

AUTHENTICATION LAYER

SSH architecture – User Authentication Layer
• User authentication layer (RFC 4252)
  ◦ Handles client authentication
  ◦ Provides several authentication methods
  ◦ Authentication is client-driven
    ▪ Commonly misunderstood by users
    ▪ When prompted for a password, it may be the SSH client prompting, not the server
    ▪ Server responds to the client's authentication requests

SSH architecture – User Authentication Layer
• Widely used user authentication methods include the following:
  ◦ "password"
  ◦ "publickey"
  ◦ "keyboard-interactive"
  ◦ GSSAPI authentication

SSH architecture – User Authentication Layer
• "password" style
  ◦ Method for straightforward password authentication
  ◦ Includes a facility allowing a password to be changed
    ▪ Method not implemented by all programs

SSH architecture – User Authentication Layer
• "publickey" style
  ◦ Method for public key-based authentication
  ◦ Usually supporting at least DSA or RSA keypairs
  ◦ Other implementations also support X.509 certificates

SSH architecture – User Authentication Layer
• "keyboard-interactive" style
  ◦ Server sends one or more prompts to enter information
  ◦ Client displays them and sends back responses keyed in by the user
  ◦ Used to provide one-time password authentication such as S/Key or SecurID
  ◦ Used by some OpenSSH configurations when PAM is the underlying host authentication provider to effectively provide password authentication
    ▪ Sometimes leads to inability to log in with a client that supports just the plain "password" authentication method

SSH architecture – User Authentication Layer
• GSSAPI authentication methods
  ◦ Generic Security Services Application Program Interface: an API to allow SSH authentication
  ◦ Provides an extensible scheme to perform SSH authentication using external mechanisms such as Kerberos 5 or NTLM, providing single sign-on capability to SSH sessions
  ◦ Used by commercial SSH implementations
    ▪ Used in organizations
    ▪ Note: OpenSSH does have a working GSSAPI implementation

CONNECTION LAYER

SSH architecture – Connection Layer
• Connection layer (RFC 4254)
  ◦ Defines which SSH services are provided:
    ▪ Channels
    ▪ Channel requests
    ▪ Global requests
  ◦ A single SSH connection can host multiple channels simultaneously
    ▪ Each transfers data in both directions
  ◦ Channel requests are used to relay out-of-band channel-specific data, e.g.:
    ▪ Changed size of a terminal window
    ▪ Exit code of a server-side process

SSH architecture – Connection Layer
• SSH client requests a server-side port to be forwarded using a global request
• Standard channel types include:
  ◦ "shell" for terminal shells, SFTP and exec requests (including SCP transfers)
  ◦ "direct-tcpip" for client-to-server forwarded connections
  ◦ "forwarded-tcpip" for server-to-client forwarded connections
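The "direct-tcpip" channel that carries a client-to-server port forward (the tunneling use described earlier in the deck), as an added example not taken from the slides or from OpenSSH: it encodes and decodes the SSH_MSG_CHANNEL_OPEN message of RFC 4254 section 7.2 and applies a server-side allow-list in the spirit of sshd's PermitOpen option. The host names and policy list are constructed for illustration.

```python
import struct

SSH_MSG_CHANNEL_OPEN = 90


def _string(b: bytes) -> bytes:
    # RFC 4251 "string": uint32 length followed by the bytes
    return struct.pack(">I", len(b)) + b


def _read_string(buf: bytes, off: int):
    (n,) = struct.unpack_from(">I", buf, off)
    return buf[off + 4:off + 4 + n], off + 4 + n


def _read_uint32(buf: bytes, off: int):
    return struct.unpack_from(">I", buf, off)[0], off + 4


def build_direct_tcpip_open(sender_channel, dest_host, dest_port, orig_ip, orig_port,
                            window=2097152, max_packet=32768) -> bytes:
    """SSH_MSG_CHANNEL_OPEN for channel type "direct-tcpip": the client asks the server
    to open a TCP connection to dest_host:dest_port on its behalf (RFC 4254 s7.2)."""
    return (bytes([SSH_MSG_CHANNEL_OPEN]) + _string(b"direct-tcpip")
            + struct.pack(">III", sender_channel, window, max_packet)
            + _string(dest_host.encode()) + struct.pack(">I", dest_port)
            + _string(orig_ip.encode()) + struct.pack(">I", orig_port))


def parse_channel_open(msg: bytes) -> dict:
    """Decode a CHANNEL_OPEN into a dict; the direct-tcpip specific fields are parsed
    only for that channel type. Field order follows the RFC exactly."""
    if not msg or msg[0] != SSH_MSG_CHANNEL_OPEN:
        raise ValueError("not a CHANNEL_OPEN message")
    ctype, off = _read_string(msg, 1)
    sender, off = _read_uint32(msg, off)
    window, off = _read_uint32(msg, off)
    max_packet, off = _read_uint32(msg, off)
    req = {"type": ctype.decode(), "sender": sender, "window": window, "max_packet": max_packet}
    if ctype == b"direct-tcpip":
        host, off = _read_string(msg, off)
        port, off = _read_uint32(msg, off)
        orig_ip, off = _read_string(msg, off)
        orig_port, off = _read_uint32(msg, off)
        if not 0 <= port <= 65535:
            raise ValueError("destination port out of range")
        req.update(host=host.decode(), port=port, orig_ip=orig_ip.decode(), orig_port=orig_port)
    return req


def forwarding_allowed(req: dict, permit_open) -> bool:
    """Server-side policy: a direct-tcpip request may only reach (host, port) pairs on the
    allow-list; "*" as the port means any port on that host. Everything else is refused,
    which is what the SSH server answers with CHANNEL_OPEN_FAILURE."""
    if req["type"] != "direct-tcpip":
        raise ValueError("policy applies to direct-tcpip requests only")
    return any(host == req["host"] and (port == "*" or port == req["port"])
               for host, port in permit_open)
```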

SSH architecture
• Open architecture provides considerable flexibility
  ◦ Allows SSH to be used for a variety of purposes beyond secure shell
• Transport layer works similarly to TLS
• User authentication layer is highly extensible with custom authentication methods
• Connection layer provides the ability to multiplex many secondary sessions into a single SSH connection
  ◦ A feature comparable to BEEP and not available in TLS

SECURITY CAUTIONS

Security cautions
• SSH-1 has inherent design flaws which make it vulnerable to man-in-the-middle type attacks
  ◦ Avoid by explicitly disabling fallback to SSH-1
• Most modern servers and clients support SSH-2
  ◦ Some organizations still use software with no support for SSH-2
  ◦ SSH-1 cannot always be avoided

Security cautions
• In all versions of SSH
  ◦ Important to verify unknown public keys before accepting them as valid
  ◦ Accepting an attacker's public key as a valid public key has the effect of disclosing the transmitted password and allowing man-in-the-middle attacks
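A host-key check of the kind the caution above asks for, added here as an example rather than taken from the slides or from any SSH client: it parses an OpenSSH public-key line, computes the fingerprint that ssh-keygen -l prints, and accepts the key only if that fingerprint matches one obtained out of band (console, administrator, documentation). SAMPLE_KEY_LINE is a constructed, syntactically valid placeholder, not a real host's key.

```python
import base64
import hashlib
import struct


def parse_public_key_line(line: str):
    """Split an OpenSSH public-key line ("ssh-ed25519 AAAA... comment") into (type, blob).
    The blob must be a well-formed RFC 4253 key: its first string repeats the key type,
    so a line whose text and blob disagree is rejected rather than fingerprinted."""
    parts = line.strip().split()
    if len(parts) < 2:
        raise ValueError("malformed key line")
    key_type, blob = parts[0], base64.b64decode(parts[1], validate=True)
    (n,) = struct.unpack_from(">I", blob, 0)
    if blob[4:4 + n].decode() != key_type:
        raise ValueError("key blob does not match the declared type")
    return key_type, blob


def fingerprint_sha256(blob: bytes) -> str:
    """Fingerprint in the form modern ssh-keygen -l prints: SHA256:<base64, no padding>."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def fingerprint_md5(blob: bytes) -> str:
    """Legacy colon-separated hex MD5 fingerprint, still displayed by older clients."""
    return "MD5:" + ":".join("%02x" % b for b in hashlib.md5(blob).digest())


def host_key_acceptable(offered_line: str, expected_fingerprint: str) -> bool:
    """The decision a user faces on first connection: compare the offered key's fingerprint
    with one learned out of band. Any parse failure counts as a mismatch."""
    try:
        _, blob = parse_public_key_line(offered_line)
    except (ValueError, UnicodeDecodeError, struct.error):
        return False
    return fingerprint_sha256(blob) == expected_fingerprint


# Constructed sample: a syntactically valid ssh-ed25519 blob whose 32-byte public point is
# simply 0x00..0x1f. It is a placeholder for the example, not any real host's key.
_sample_blob = (struct.pack(">I", 11) + b"ssh-ed25519"
                + struct.pack(">I", 32) + bytes(range(32)))
SAMPLE_KEY_LINE = "ssh-ed25519 " + base64.b64encode(_sample_blob).decode() + " host.example"
```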

Security cautions
• As with any encrypted protocol:
  ◦ SSH can be considered a security risk by companies or governments who do not trust their users and wish to eavesdrop on their communications
  ◦ SSH has built-in tunneling features that
    ▪ make it easier for users to achieve passage of large volumes of information
    ▪ establish an entry point for unauthorized inward access over an SSH link
    ▪ without using the other protocols

HOW SSH USES PUBLIC-KEY CRYPTOGRAPHY

How SSH uses public-key cryptography (with analogy)
• First, a pair of cryptographic keys is generated
  ◦ One is the private key, the other is the public key
• As an analogy, think of a matching private key and a public padlock
  ◦ The public padlock is what is installed on the remote machine
  ◦ Used by ssh to authenticate users using the matching private key
• As a user of the system, you don't care who can see or copy the padlock (i.e. the public key)
  ◦ Only the secret private key fits it
• The private key is the part you keep secret inside a secure box
  ◦ Can only be opened with the correct passphrase
• When the user wants to access a remote system
  ◦ opens the secure box with his passphrase
  ◦ uses the private key to authenticate him with the padlock on the remote computer
• Neither the passphrase nor the private key leave the user's machine
  ◦ User still needs to trust the local machine
    ▪ not to scrape his passphrase
    ▪ not to copy his private key while it's out of the secure box

SCP
From: http://en.wikipedia.org/wiki/Secure_copy

SCP
• Secure Copy
• Securely transferring computer files using the Secure Shell (SSH) protocol
  ◦ Between a local computer and a remote host
  ◦ Between two remote hosts
• SCP can refer to two related things:
  ◦ SCP protocol
  ◦ SCP program

SCP protocol
• Similar to the BSD rcp protocol
• Unlike rcp, data is encrypted during transfer
  ◦ Avoids potential packet sniffers extracting usable information from the data packets
• The copy protocol itself does not provide authentication and security
  ◦ Relies on SSH to provide these features

SCP protocol
• SCP can interactively request any passwords or passphrases required to make a connection to a remote host
  ◦ Unlike rcp, which fails in this situation
• SCP protocol implements file transfers only
• Does so by connecting to the host using SSH and executing an SCP server (scp)
  ◦ The SCP server program is typically the same program as the SCP client

SCP
• Base command:
  scp [[user@]host1:]file1 ... [[user@]host2:]file2
• Complete syntax:
  scp [-1246BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file] [-l limit] [-o ssh_option] [-P port] [-S program] [[user@]host1:]file1 ... [[user@]host2:]file2
• Notes:
  ◦ Can copy:
    ▪ Remote to local
    ▪ Local to remote
    ▪ Remote 1 to Remote 2

SCP protocol
• For upload:
  ◦ Client feeds the server with files to be uploaded
  ◦ Optionally including their basic attributes
    ▪ Permissions
    ▪ Timestamps
  ◦ An advantage over the common FTP protocol
    ▪ FTP does not have provision for uploads to include the original date/timestamp attribute

SCP protocol
• For downloads:
  ◦ Client sends a request for files or directories to be downloaded
  ◦ Server feeds the client with its subdirectories and files
  ◦ Download is server-driven
  ◦ Imposes a security risk when connected to a malicious server
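How a receiving scp has to treat the server-driven download, as an added example (not the slides' or OpenSSH's code): the control records a sending side emits are interpreted, but every name is checked before it is joined to a local path, since on a download the remote side chooses those names. The record strings and the destination directory are constructed sample input.

```python
import os
import re

# C/D header: kind, four-digit octal mode, decimal size, name (the rest of the line)
_HEADER = re.compile(r"^([CD])([0-7]{4}) (\d+) (.+)$")


class ScpProtocolError(ValueError):
    pass


def _safe_name(name: str) -> bool:
    # The sending side picks these names; never let them climb out of dest_dir.
    return name not in (".", "..") and "/" not in name and "\0" not in name


def parse_scp_sink(records, dest_dir: str):
    """Interpret the control records a sending scp emits during a download:
         T<mtime> 0 <atime> 0   attributes that apply to the next C or D record
         C<mode> <size> <name>  a file (<size> content bytes follow on the real stream)
         D<mode> <size> <name>  enter a directory; a bare E record leaves it
    Returns the list of (local_path, mode, size, mtime) the receiver would create.
    Every name is validated before it becomes a path, because the peer is untrusted."""
    created, dirs, pending_mtime = [], [], None
    for rec in records:
        if rec.startswith("T"):
            fields = rec[1:].split()
            if len(fields) != 4 or not all(f.isdigit() for f in fields):
                raise ScpProtocolError("malformed T record")
            pending_mtime = int(fields[0])
            continue
        if rec == "E":
            if not dirs:
                raise ScpProtocolError("E record would leave the destination directory")
            dirs.pop()
            continue
        m = _HEADER.match(rec)
        if not m:
            raise ScpProtocolError("unrecognised record: %r" % rec)
        kind, mode, size, name = m.group(1), int(m.group(2), 8), int(m.group(3)), m.group(4)
        if not _safe_name(name):
            raise ScpProtocolError("refusing unsafe name from the sender: %r" % name)
        path = os.path.join(dest_dir, *dirs, name)
        created.append((path, mode, 0 if kind == "D" else size, pending_mtime))
        if kind == "D":
            dirs.append(name)
        pending_mtime = None
    if dirs:
        raise ScpProtocolError("directory record without matching E")
    return created


def parse_or_none(records, dest_dir: str):
    """Same as parse_scp_sink, returning None when the stream must be rejected."""
    try:
        return parse_scp_sink(records, dest_dir)
    except ScpProtocolError:
        return None
```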

SCP protocol
• For most applications, the SCP protocol is superseded by the more comprehensive SFTP protocol
  ◦ Also based on SSH

SCP program
• Client implementing the SCP protocol
• Program to perform secure copying
• Most widely used SCP client
  ◦ CLI scp program
  ◦ Provided in most SSH implementations
• scp program is the secure analog of the rcp command
• scp program must be part of all SSH servers that want to provide SCP service
  ◦ scp functions as SCP server too

SCP program
• Some SSH implementations provide the scp2 program
  ◦ Uses the SFTP protocol instead of SCP
  ◦ Provides the same command line interface as scp
  ◦ scp is typically a symbolic link to scp2
• Syntax of the scp program is like that of cp
• Simple examples:
  scp SourceFile user@host:directory/TargetFile
  scp user@host:folder/SourceFile TargetFile

SCP program
• As the SCP protocol implements file transfers only, GUI SCP clients are rare
  ◦ Implementing one requires additional functionality
    ▪ Directory listing at least
  ◦ For example, WinSCP defaults to the SFTP protocol
  ◦ Even when operating in SCP mode, clients like WinSCP are typically not pure SCP clients
    ▪ They must use other means to implement the additional functionality
    ▪ This in turn brings platform-dependency problems
  ◦ Thus it may not be possible to work with a particular SCP server using a GUI SCP client
    ▪ Even if you are able to work with the same server using a traditional command line client
• More comprehensive tools for managing files over SSH are SFTP clients

SFTP
From: http://en.wikipedia.org/wiki/SSH_file_transfer_protocol

SFTP
• SSH File Transfer Protocol
• A network protocol that provides file transfer and manipulation functionality over any reliable data stream
• It is typically used with the SSH-2 protocol (TCP port 22) to provide secure file transfer
• Intended to be usable with other protocols as well

Capabilities
• The SFTP protocol allows for a range of operations on remote files
  ◦ More like a remote file system protocol
• SFTP client's extra capabilities compared to SCP client's include:
  ◦ Resuming interrupted transfers
  ◦ Directory listings
  ◦ Remote file removal
• For the same reason it is reasonable to implement a GUI SFTP client, but not a GUI SCP client

Capabilities
• SFTP attempts to be more platform-independent than SCP
  ◦ With SCP, the expansion of wildcards specified by the client was up to the server
  ◦ SFTP's design avoids this problem
  ◦ While SCP was most frequently implemented on Unix platforms, there exist SFTP servers for most platforms
• A common misconception is that SFTP is simply FTP run over SSH
  ◦ In fact it is a new protocol designed from the ground up by the IETF SECSH working group
  ◦ It is sometimes confused with Simple File Transfer Protocol

Capabilities
• The protocol itself does not provide authentication and security
  ◦ Expects the underlying protocol to secure it
• SFTP is most often used as a subsystem of SSH protocol version 2 implementations
  ◦ Designed by the same working group
• However, it is possible to run it over SSH-1 or other data streams
  ◦ Running an SFTP server over SSH-1 is not platform independent, as SSH-1 does not support the concept of subsystems
  ◦ An SFTP client willing to connect to an SSH-1 server needs to know the path to the SFTP server binary on the server side

Capabilities
• Secure Internet Live Conferencing (SILC) protocol defines SFTP as its default file transfer protocol
  ◦ In SILC the SFTP data is not protected with SSH but with SILC's secure packet protocol
    ▪ Used to encapsulate the SFTP data into SILC packets
    ▪ Delivered peer-to-peer
  ◦ SFTP is designed to be protocol independent
• For uploads
  ◦ Transferred files may be associated with their basic attributes, such as timestamps
  ◦ An advantage over the common FTP protocol
    ▪ FTP does not have provision for uploads to include the original date/timestamp attribute

Standardization
• The protocol is not yet an Internet standard
• The latest specification is an expired Internet Draft
  ◦ Defines version 6 of the protocol
• Currently the most widely used version is 3
  ◦ Implemented by the popular OpenSSH SFTP server
• Many Microsoft Windows-based SFTP implementations use version 4 of the protocol, which lessened its ties with the Unix platform
• The Internet Engineering Task Force (IETF) "Secsh Status Pages" search tool contains links to all versions of the Internet draft-ietf-secsh-filexfer which describes this protocol
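The version negotiation that opens every SFTP session, as an added example (not the slides' or OpenSSH's code): the client's SSH_FXP_INIT and the server's SSH_FXP_VERSION reply, which carries the lower of the two version numbers, so a version-3 server like the one the slide mentions answers a version-6 client with 3. The packet framing is the one the draft-ietf-secsh-filexfer drafts share; extension pairs in the reply are optional (name, data) strings.

```python
import struct

SSH_FXP_INIT = 1
SSH_FXP_VERSION = 2


def _string(b: bytes) -> bytes:
    return struct.pack(">I", len(b)) + b


def _read_string(buf: bytes, off: int):
    (n,) = struct.unpack_from(">I", buf, off)
    return buf[off + 4:off + 4 + n], off + 4 + n


def sftp_packet(ptype: int, body: bytes) -> bytes:
    """Every SFTP packet on the wire: uint32 length | byte type | body,
    where length covers the type byte and the body."""
    return struct.pack(">IB", len(body) + 1, ptype) + body


def read_sftp_packet(data: bytes):
    """Return (type, body, remaining). A length that points past the data is refused
    instead of being used to slice, so a hostile peer cannot make us over-read."""
    if len(data) < 5:
        raise ValueError("short packet")
    (length,) = struct.unpack_from(">I", data, 0)
    if length < 1 or length + 4 > len(data):
        raise ValueError("bad packet length")
    return data[4], data[5:4 + length], data[4 + length:]


def client_init(version: int) -> bytes:
    """Client side: the first packet of the session announces the highest version it speaks."""
    return sftp_packet(SSH_FXP_INIT, struct.pack(">I", version))


def server_reply_to_init(init_packet: bytes, server_version: int, extensions=()) -> bytes:
    """Server side: answer SSH_FXP_INIT with SSH_FXP_VERSION carrying the lower of the two
    versions, followed by any (name, data) extension pairs the server supports."""
    ptype, body, _ = read_sftp_packet(init_packet)
    if ptype != SSH_FXP_INIT or len(body) < 4:
        raise ValueError("expected SSH_FXP_INIT")
    (client_version,) = struct.unpack_from(">I", body, 0)
    agreed = min(client_version, server_version)
    ext = b"".join(_string(name) + _string(data) for name, data in extensions)
    return sftp_packet(SSH_FXP_VERSION, struct.pack(">I", agreed) + ext)


def parse_version(version_packet: bytes):
    """Client side: extract the negotiated version and a dict of the advertised extensions."""
    ptype, body, _ = read_sftp_packet(version_packet)
    if ptype != SSH_FXP_VERSION or len(body) < 4:
        raise ValueError("expected SSH_FXP_VERSION")
    (version,) = struct.unpack_from(">I", body, 0)
    off, exts = 4, {}
    while off < len(body):
        name, off = _read_string(body, off)
        data, off = _read_string(body, off)
        exts[name.decode()] = data.decode()
    return version, exts
```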

SFTP client
• The term SFTP can also refer to Secure file transfer program
  ◦ A command-line program implementing the client part of this protocol
  ◦ Such as that supplied with OpenSSH
• sftp program provides an interactive interface
  ◦ Similar to that of traditional FTP clients
• Some implementations of the scp program actually use the SFTP protocol to perform file transfers
  ◦ Some such implementations are still able to fall back to the SCP protocol if the server does not provide SFTP service

In which case would it be desirable to use rcp instead of scp?
1. Too difficult to enter a password
2. Transferring a large public domain file
3. Copying sensitive files in a local network
4. It is never acceptable to use an insecure protocol

Summary
• Use secure methods when possible