Secure Shell (SSH)

Secure Shell (SSH)

Secure SHell (SSH) © André Zúquete Advanced Network Security SSH (Secure SHell, RFC 4251): Goals An application and a secure communication protocol over TCP/IP Allows the establishment of secure remote sessions Replacing insecure telnet/rlogin sessions Allows the multiplexing of many data flows over a secure session Secure tunneling Security mechanisms Confidentiality and integrity control Including data flow hiding Key distribution Session key Mutual authentication Server host (or server) Client user © André Zúquete Advanced Network Security SSH: Exploitation Secure remote logins Instead of telnet/rlogin Secure remote command execution Instead of rsh/rcmd/rexec Secure file transfer and backup Secure FTP / Secure copy Port forwarding and tunneling For adding security to multiple data flows through a single SSH session © André Zúquete Advanced Network Security SSH: History Created by Tatu Ylönen First version released in 1995 Second version released in 1998 Not compatible with the previous one Björn Grönvall developed OSSH in 1999 From the last open source release of SSH OpenBSD launched the OpenSSH project (www.openssh.org ) Extending OSSH © André Zúquete Advanced Network Security SSH: Architecture Client-server architecture Server usually on port 22 Services include login, ftp, file copy and TCP tunneling © André Zúquete Advanced Network Security SSH: Protocols Transport Layer Protocol (RFC 4253) Key distribution Session key computing with ephemeral DH values Server authentication With pre-distributed, non-certified public key Signature of DH values and resulting key Exchange of secure messages Compression Encryption Integrity control Individual messages Message sequence Authentication Protocol (RFC 4252) User authentication Shared key (password), asymmetric keys Connection Protocol (RFC 4254) Multiplexing of TCP flows over a single secure session Port forwarding © André Zúquete Advanced Network Security SSH: Server authentication Image from [1] Each server has an asymmetric key pair Public key not certified On each session setup the servers sends its public key Clients key a database with known keys IP indexed Keys are imported when not present Or when different from the current ones Import operations are critical Man-in-the-middle attacks can poison clients’ databases with wrong public keys © André Zúquete Advanced Network Security SSH: Client authentication Image from [1] Runs over a secure channel Enables users to exchange passwords with servers for authentication The server publishes the available authentication methods The user choses the prefered one Authentication methods are defined for users and services User + service methods Methods Shared key (password) The server knows the password (or a transformation of it) Asymetric key pair The server knows the public key of the user © André Zúquete Advanced Network Security SSH: Outgoing (static) tunneling Mapping between an SSH client port and a remote host port Ex. host1:port1 host3:port3 host 0 host 1 host 2 host 3 SSH SSH client client daemon server port mapping The session between host1 and host2 may support TCP connections over a single outgoing tunnel Many outgoing tunnels may be defined Data flows of all TCP connections over all outgoing tunnels are indistinguishable © André Zúquete Advanced Network Security SSH: Ingoing (static) tunneling Mapping between an SSH daemon port and a remote host port Ex. host2:port2 host0:port0 host 0 host 1 host 2 host 3 SSH SSH server client daemon client port mapping The session between host1 and host2 may support TCP connections over a single ingoing tunnel Many ingoing tunnels may be defined Very useful for remote X11 applications Running on host3 and using the remote display of host0 © André Zúquete Advanced Network Security SSH: Dynamic (outgoing) tunneling Dynamic mapping between an SSH client port and SOCKS- provided server ports host 0 host 1 host 2 host 3 SSH SSH client client daemon server dynamic SOCKS port The server end-point address is provided to the SSH client by means of SOCKS Only works with SOCKS-enable client applications e.g. browsers © André Zúquete Advanced Network Security SOCKS (RFC 1928) © André Zúquete Advanced Network Security PuTTY SSH client: Tunnel management (1/2) acceptance of clients other than the SSH client and server tunnel listenning port tunnel destination port local (static, outgoing) remote (static, ingoing) dynamic (local, outgoing) © André Zúquete Advanced Network Security PuTTY SSH client: Tunnel management (2/2) host 0 host 1 host 2 host 3 SSH SSH client client daemon server Lport1 port3 port mapping host 0 host 1 host 2 host 3 SSH SSH server client daemon client port0 Rport2 port mapping host 0 host 1 host 2 host 3 SSH SSH client client daemon server Dport1 dynamic port © André Zúquete Advanced Network Security SSH agents Agents are applications that provide SSH clients a password-free usage of private keys unlock SSH SSH unlock SSH SSH key client daemon key client daemon private agent private keys keys © André Zúquete Advanced Network Security Documents and references [1] Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes, “ SSH, The Secure Shell: The Definitive Guide ”, Second Edition, Mai 2005, ISBN 978-0-596-00895-6 RFC 4250, The Secure Shell (SSH) Protocol Assigned Numbers RFC 4251, The Secure Shell (SSH) Protocol Architecture RFC 4252, The Secure Shell (SSH) Authentication Protocol RFC 4253, The Secure Shell (SSH) Transport Layer Protocol RFC 4254, The Secure Shell (SSH) Connection Protocol RFC 4255, Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints RFC 4256, Generic Message Exchange Authentication for the Secure Shell Protocol (SSH) RFC 4335, The Secure Shell (SSH) Session Channel Break Extension RFC 4344, The Secure Shell (SSH) Transport Layer Encryption Modes RFC 4345, Improved Arcfour Modes for the Secure Shell (SSH) Transport Layer Protocol RFC 4419, Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol (March 2006) RFC 4432, RSA Key Exchange for the Secure Shell (SSH) Transport Layer Protocol (March 2006) RFC 4462, Generic Security Service Application Program Interface (GSS-API) Authentication and Key Exchange for the Secure Shell (SSH) Protocol (May 2006) RFC 4716, The Secure Shell (SSH) Public Key File Format (November 2006) RFC 5656, Elliptic Curve Algorithm Integration in the Secure Shell Transport Layer (December 2009) © André Zúquete Advanced Network Security.

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    16 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us