
Secure Shell


aliases:

  • SSH

A network protocol that enables the secure transfer of data between two hosts over an unsecured network.

SSH can be used to perform remote logins, file transfers and program execution over the command-line interface. SSH is the principal means of obtaining secure remote access to UNIX and Linux based systems, as well as most types of network appliances, including switches, routers, and firewalls. In addition to terminal emulation, SSH is used for file transfer as SFTP.

The SSH server listens on 22/tcp by default.

SSH Host Key

An SSH server is identified by a public/private key pair, referred to as the host key. Each SSH client keeps its own mapping of host names to public keys, maintained manually, although enterprise software products and appliances for SSH key management exist as well.

  • Managing valid client public keys is a critical security task. Many recent attacks on web servers have exploited poor key management. If a user's private key is compromised, delete the public key from the appliance, then regenerate the key pair on the user's (remediated) client device and copy the public key to the SSH server. Always delete public keys if the user's access permissions have been revoked.
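
The revocation step described above, as an added shell example that is not part of the original page: it removes a compromised client public key from a server-side authorized_keys file, assuming an OpenSSH server where accepted client keys are stored one per line in that file. The function names and the key strings are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): revoke a compromised public key
# from an authorized_keys file. Function names are hypothetical.

# key_blob PUBFILE: print the base64 blob of a "type blob comment" .pub file.
key_blob() {
    awk 'NF >= 2 { print $2; exit }' "$1"
}

# revoke_key AUTH_KEYS PUBFILE
# Removes every entry in AUTH_KEYS that carries the key from PUBFILE, including
# entries prefixed with options such as from="..." or command="...".
# Returns 0 if an entry was removed, 1 if the key was not present, 2 on error.
revoke_key() {
    auth=$1
    blob=$(key_blob "$2")
    [ -n "$blob" ] || { echo "no key in $2" >&2; return 2; }
    tmp=$(mktemp) || return 2
    rc=0
    awk -v b="$blob" '
        /^[[:space:]]*#/ { print; next }           # keep comment lines
        {
            for (i = 1; i <= NF; i++)
                if ($i == b) { removed++; next }   # whole-field match only
            print
        }
        END { exit (removed ? 0 : 1) }' "$auth" > "$tmp" || rc=$?
    # Write back in place so the file keeps its owner and mode (sshd with
    # StrictModes checks ownership and permissions of the user's files).
    if [ "$rc" -eq 0 ]; then cat "$tmp" > "$auth" || rc=2; fi
    rm -f "$tmp"
    return "$rc"
}

# demo: run revoke_key on a constructed file and print what is left.
demo() {
    d=$(mktemp -d) || return 2
    # Constructed placeholder keys, not real key material.
    echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBADBADBADBAD alice@old-laptop' > "$d/bad.pub"
    {
        echo '# managed file'
        echo 'from="10.0.0.0/8" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBADBADBADBAD alice@old-laptop'
        echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGOODGOODGOOD bob@desk'
    } > "$d/authorized_keys"
    revoke_key "$d/authorized_keys" "$d/bad.pub" || { rm -rf "$d"; return 1; }
    cat "$d/authorized_keys"
    rm -rf "$d"
}
```

Matching on the key blob rather than the trailing comment matters because the comment is free text and the same key may be installed under several labels or option prefixes. Once the old key is gone, the user generates a new pair on the remediated client and installs its public half, as the paragraph above describes.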

Client Authentication

A client can authenticate to the server in three ways:

  • Username/Password
  • Public Key authentication
  • Kerberos

Command Set

  • sshd - Start the SSH server.
  • ssh-keygen - Create a key pair to use to access the server.
  • ssh-copy-id - Copy the public key of a key pair to the SSH server.
  • ssh-agent - Configure a service to store the keys used to access multiple hosts.
  • ssh <host> - Use the SSH client to connect to the server.
  • ssh <username>@<host> - Connect with a different username.
  • ssh <host> [cmd] - Execute a terminal command on the host without initiating a shell session.

#VIII