Lecture 13 - Secure Shell

The Secure Shell (SSH) protocol provides secure login and file transfer over insecure networks. It has three components: the transport layer, which provides encryption, integrity protection and server authentication; the user authentication protocol, which authenticates the user with a password or a public key; and the connection protocol, which multiplexes logical channels such as remote shells or port forwarding over the encrypted tunnel. SSH uses strong encryption and authentication to protect against password sniffing, man-in-the-middle attacks, and insertion and replay attacks on the network.

Uploaded by Akt Parihar

14-07-2020

Secure Shell
• The Secure Shell (SSH) protocol is a protocol for secure remote login
and other secure network services over an insecure network
• It is a secure alternative to the non-protected login protocols (such
as telnet, rlogin and rsh), which send user names and passwords in clear
• Developed in 1995 by Tatu Ylönen (Helsinki University of Technology,
Finland), later on commercialized by SSH Communications Security Corp., Finland

The Secure Shell (SSH) Architecture

There are three components of SSH (RFC 4251):
• SSH Transport Layer Protocol - provides server authentication,
confidentiality, and integrity with perfect forward secrecy
• SSH User Authentication Protocol - authenticates the client to the
server
• SSH Connection Protocol - multiplexes the encrypted tunnel into
several logical channels (enables secure shell session, TCP port
forwarding/ tunneling, etc.)

The Secure Shell (SSH) Architecture (figure not reproduced)

SSH Transport Layer Protocol

• SSH TLP typically runs on top of TCP/IP
• When used over TCP the server normally listens for connections on port 22
• It provides
 - encryption of user data
 - server authentication (based on the server's asymmetric host key(s); this only
   defeats an impostor if the client knows or verifies that host key)
 - integrity protection (origin and data), via a MAC over every packet and its
   implicit sequence number
 - compression of data prior to encryption (optionally)
• Key exchange method, public key algorithm, symmetric encryption
algorithm, message authentication algorithm, and hash algorithm are all
negotiated (source: RFC 4253).

SSH Transport Layer Protocol (figure not reproduced)

SSH TLP Packet Formation (figure not reproduced)
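The packet-formation figure is not reproduced above, so here is the binary packet layout of RFC 4253 section 6 written out as an added example (not code from the lecture): packet_length, padding_length, payload, at least four bytes of random padding that rounds the packet up to the cipher block size, and a MAC computed over the implicit sequence number and the unencrypted packet. The sequence number is what turns the MAC into replay and insertion protection, which is the mechanism behind the "Insertion and Replay Attacks" bullet at the end of the lecture. Assumptions: hmac-sha2-256 and a 16-byte cipher block (AES) were negotiated, and the integrity key is a constructed placeholder for the one derived from the key exchange. Encryption of the packet is left out; only the layout and MAC are shown.

```go
package main

import (
	"bytes"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// blockSize is the block size of the negotiated cipher (16 for AES). RFC 4253
// section 6 requires packet_length||padding_length||payload||padding to be a
// multiple of max(8, blockSize) and at least 4 bytes of random padding.
const blockSize = 16

// macKey is a constructed integrity key standing in for the one derived from
// the key exchange (assumption: hmac-sha2-256 was negotiated).
var macKey = []byte("constructed-integrity-key-for-demo")

// computeMAC implements mac = MAC(key, sequence_number || unencrypted_packet).
// The sequence number is never sent; both sides count packets independently.
func computeMAC(key []byte, seq uint32, pkt []byte) []byte {
	h := hmac.New(sha256.New, key)
	var seqBuf [4]byte
	binary.BigEndian.PutUint32(seqBuf[:], seq)
	h.Write(seqBuf[:])
	h.Write(pkt)
	return h.Sum(nil)
}

// BuildPacket lays out one SSH binary packet (before encryption) and appends its MAC.
func BuildPacket(payload []byte, seq uint32) ([]byte, error) {
	padLen := blockSize - (5+len(payload))%blockSize // 4-byte packet_length + 1-byte padding_length
	if padLen < 4 {
		padLen += blockSize
	}
	padding := make([]byte, padLen)
	if _, err := rand.Read(padding); err != nil {
		return nil, err
	}
	pkt := make([]byte, 5, 5+len(payload)+padLen)
	// packet_length counts padding_length, payload and padding, not itself or the MAC
	binary.BigEndian.PutUint32(pkt[:4], uint32(1+len(payload)+padLen))
	pkt[4] = byte(padLen)
	pkt = append(pkt, payload...)
	pkt = append(pkt, padding...)
	return append(pkt, computeMAC(macKey, seq, pkt)...), nil
}

// ParsePacket is the receiver side: check the MAC under the sequence number the
// receiver expects, then validate the length fields and extract the payload.
func ParsePacket(wire []byte, seq uint32) ([]byte, error) {
	if len(wire) < 5+sha256.Size {
		return nil, errors.New("short packet")
	}
	pkt, mac := wire[:len(wire)-sha256.Size], wire[len(wire)-sha256.Size:]
	if !hmac.Equal(mac, computeMAC(macKey, seq, pkt)) {
		return nil, errors.New("MAC mismatch: modified, inserted or replayed packet")
	}
	pktLen, padLen := int(binary.BigEndian.Uint32(pkt[:4])), int(pkt[4])
	if pktLen != len(pkt)-4 || padLen < 4 || padLen > pktLen-1 || len(pkt)%blockSize != 0 {
		return nil, errors.New("bad packet_length/padding_length")
	}
	return pkt[5 : 5+pktLen-1-padLen], nil
}

// sshString encodes an RFC 4251 "string": uint32 length followed by the bytes.
func sshString(s string) []byte {
	b := make([]byte, 4+len(s))
	binary.BigEndian.PutUint32(b, uint32(len(s)))
	copy(b[4:], s)
	return b
}

// ServiceRequest is the payload of SSH_MSG_SERVICE_REQUEST (message number 5).
func ServiceRequest(service string) []byte {
	return append([]byte{5}, sshString(service)...)
}

func main() {
	payload := ServiceRequest("ssh-userauth")
	wire, _ := BuildPacket(payload, 3) // constructed: the 4th packet the client sends
	fmt.Printf("%d-byte packet, %d bytes of padding\n", len(wire)-sha256.Size, wire[4])

	got, err := ParsePacket(wire, 3)
	fmt.Println("in order:", bytes.Equal(got, payload), err)

	_, err = ParsePacket(wire, 4) // the same bytes replayed one packet later
	fmt.Println("replayed:", err)

	tampered := append([]byte(nil), wire...)
	tampered[10] ^= 0x01 // flip a bit inside the service name
	_, err = ParsePacket(tampered, 3)
	fmt.Println("tampered:", err)
}
```

A replayed packet fails not because its bytes are wrong but because the receiver's counter has moved on; that is why RFC 4253 makes the sequence number implicit and MAC-covered rather than carrying it in the packet.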

SSH User Authentication Protocol

• After the key exchange, the client requests a service by sending an
SSH_MSG_SERVICE_REQUEST packet naming either "ssh-userauth" (the User
Authentication Protocol) or "ssh-connection" (the Connection Protocol);
the server answers with SSH_MSG_SERVICE_ACCEPT or disconnects
• The SSH Authentication Protocol runs over the SSH Transport Layer
Protocol; it assumes that the underlying protocol provides integrity
and confidentiality protection. The protocol has access to the
session_id (source: RFC 4252).
• Supports three user authentication methods:
 - Public key (required)
 - Password (optional)
 - Host-based (optional)
• The server controls which authentication methods can be used.

Public key
• The client sends to the server an SSH_MSG_USERAUTH_REQUEST carrying the user
name, the requested service, the method name "publickey", the public key
algorithm, the user's public key and a signature. The signature is generated
with the user's private key over the session id concatenated with the request
fields, so it is bound to this session and cannot be replayed in another one.
• Upon message reception, the server checks whether the supplied public key is
acceptable for authenticating that user (e.g. listed in the user's
authorized_keys), and only if so checks whether the signature is correct.
Password
• The client essentially sends the user name and the password in clear; they are
however protected by the SSH Transport Layer Protocol. The server still sees the
plaintext password, so this method is only as safe as the server and as the host
key check that made sure it is the right server.
Host-based
• Authentication is based on the host that the user is coming from and the user
name on that host: the client host signs the request with its own host key, and
the server accepts it if it trusts that host key for that (host, user) pair.
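The public key method above is easy to get wrong in two places: what exactly gets signed, and the order of the server's checks. The following is an added example (not the lecture's code) that builds the signed data exactly as RFC 4252 section 7 lists it, signs it on the client side and verifies it on the server side, for ssh-ed25519 keys (RFC 8709 wire format). The session ids, the user name "alice" and the authorized-key map are constructed stand-ins for the exchange hash and the server's authorized_keys file. Demo() shows a valid login, the same request relayed into a different session (it fails, which is what defeats a relaying man-in-the-middle), and a key the server has not authorized (rejected before the signature is even looked at).

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

const msgUserauthRequest = 50 // SSH_MSG_USERAUTH_REQUEST

// sshString encodes an RFC 4251 "string": uint32 length followed by the bytes.
func sshString(b []byte) []byte {
	out := make([]byte, 4+len(b))
	binary.BigEndian.PutUint32(out, uint32(len(b)))
	copy(out[4:], b)
	return out
}

// readString decodes one RFC 4251 string and returns the remaining bytes.
func readString(b []byte) (val, rest []byte, ok bool) {
	if len(b) < 4 {
		return nil, nil, false
	}
	n := int(binary.BigEndian.Uint32(b))
	if len(b)-4 < n {
		return nil, nil, false
	}
	return b[4 : 4+n], b[4+n:], true
}

// pubKeyBlob is the RFC 8709 wire form of an ssh-ed25519 public key.
func pubKeyBlob(pub ed25519.PublicKey) []byte {
	return append(sshString([]byte("ssh-ed25519")), sshString(pub)...)
}

// parsePubKeyBlob is the inverse, rejecting trailing bytes and wrong sizes.
func parsePubKeyBlob(blob []byte) (ed25519.PublicKey, bool) {
	alg, rest, ok := readString(blob)
	if !ok || string(alg) != "ssh-ed25519" {
		return nil, false
	}
	key, rest, ok := readString(rest)
	if !ok || len(rest) != 0 || len(key) != ed25519.PublicKeySize {
		return nil, false
	}
	return ed25519.PublicKey(key), true
}

// signedData is exactly what RFC 4252 section 7 says the client signs:
// string session_id, byte SSH_MSG_USERAUTH_REQUEST, string user name,
// string service name, string "publickey", boolean TRUE,
// string public key algorithm name, string public key blob.
func signedData(sessionID []byte, user string, pubBlob []byte) []byte {
	d := sshString(sessionID)
	d = append(d, msgUserauthRequest)
	d = append(d, sshString([]byte(user))...)
	d = append(d, sshString([]byte("ssh-connection"))...)
	d = append(d, sshString([]byte("publickey"))...)
	d = append(d, 1) // boolean TRUE: a signature is present
	d = append(d, sshString([]byte("ssh-ed25519"))...)
	d = append(d, sshString(pubBlob)...)
	return d
}

// UserauthRequest holds the fields of the request the client sends.
type UserauthRequest struct {
	User    string
	PubBlob []byte
	Sig     []byte // raw signature; on the wire it is wrapped as string "ssh-ed25519", string sig
}

// ClientSign is the client side: sign the session-bound data with the private key.
func ClientSign(priv ed25519.PrivateKey, sessionID []byte, user string) UserauthRequest {
	blob := pubKeyBlob(priv.Public().(ed25519.PublicKey))
	return UserauthRequest{User: user, PubBlob: blob,
		Sig: ed25519.Sign(priv, signedData(sessionID, user, blob))}
}

// ServerVerify is the server side in the order RFC 4252 prescribes: first, is this
// key acceptable for this user (the authorized_keys lookup)? Only then, is the
// signature valid for this session?
func ServerVerify(authorized map[string][]ed25519.PublicKey, sessionID []byte, req UserauthRequest) bool {
	pub, ok := parsePubKeyBlob(req.PubBlob)
	if !ok {
		return false
	}
	accepted := false
	for _, k := range authorized[req.User] {
		if k.Equal(pub) {
			accepted = true
		}
	}
	if !accepted {
		return false
	}
	return ed25519.Verify(pub, signedData(sessionID, req.User, req.PubBlob), req.Sig)
}

// Demo runs one valid login, the same request replayed into another session,
// and a login attempt with a key the server does not know.
func Demo() (sameSession, otherSession, unknownKey bool) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	_, stranger, _ := ed25519.GenerateKey(rand.Reader)
	sessionA, sessionB := make([]byte, 32), make([]byte, 32) // constructed; real ones are the exchange hash H
	rand.Read(sessionA)
	rand.Read(sessionB)
	authorized := map[string][]ed25519.PublicKey{"alice": {pub}} // constructed authorized_keys

	req := ClientSign(priv, sessionA, "alice")
	sameSession = ServerVerify(authorized, sessionA, req)
	otherSession = ServerVerify(authorized, sessionB, req)
	unknownKey = ServerVerify(authorized, sessionA, ClientSign(stranger, sessionA, "alice"))
	return
}

func main() {
	a, b, c := Demo()
	fmt.Println("valid login:", a, " replayed into another session:", b, " unknown key:", c)
}
```

Checking authorization before the signature is not just an optimisation: it means the server never runs signature verification on attacker-chosen keys for users that do not have them, and it matches the two-step query/sign flow the RFC allows the client to use.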

SSH Connection Protocol


• Provides:
 - interactive login sessions
 - remote execution of commands
 - forwarded TCP/IP connections
   (port forwarding)
 - forwarded X11 connections
• These services are implemented as channels
multiplexed into one encrypted
tunnel; the tunnel is provided by the
SSH Transport Layer Protocol.

SSH Connection Protocol: Port Forwarding

• Port forwarding or SSH tunneling
is one of the most useful features
of SSH.
• Using port forwarding one can
carry an otherwise insecure TCP
connection inside the SSH tunnel.
Only the leg between the ssh client
and SSH-HOST is protected; the leg from
SSH-HOST to DEST-HOST is still plain TCP
unless DEST-HOST is localhost.

• -L is used in local port forwarding: the ssh client listens on sourcePort and,
for each accepted connection, asks SSH-HOST to connect to DEST-HOST:destPort
(DEST-HOST is resolved on SSH-HOST)
• -R is used in remote port forwarding: the ssh server on SSH-HOST listens on
sourcePort and, for each accepted connection, the ssh client connects to
DEST-HOST:destPort (DEST-HOST is resolved on the client)
ssh -L sourcePort:DEST-HOST:destPort SSH-HOST
ssh -R sourcePort:DEST-HOST:destPort SSH-HOST

ssh -L 8080:localhost:80 fesb.hr
(connecting to port 8080 on the local machine reaches the web server on port 80
of fesb.hr, through the tunnel)

ssh -R 80:localhost:80 fesb.hr
(connections to port 80 on fesb.hr are tunneled back to port 80 on the local
machine; binding a port below 1024 on fesb.hr requires root there, and sshd binds
the forwarded port to the loopback interface only unless GatewayPorts is enabled)
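The difference between -L and -R is clearest at the protocol level: what the client actually sends for each is different. This added example (not the lecture's code) parses the sourcePort:DEST-HOST:destPort argument and builds the two RFC 4254 messages behind the flags. For -L the client itself listens, and for every connection it accepts it sends SSH_MSG_CHANNEL_OPEN "direct-tcpip" asking the server to connect to DEST-HOST:destPort. For -R the client sends one SSH_MSG_GLOBAL_REQUEST "tcpip-forward" asking the server to listen on sourcePort; DEST-HOST:destPort never leaves the client, because the client makes that connection itself when the server later opens a "forwarded-tcpip" channel. Window size, maximum packet size, the originator address and the bind address are constructed parameters here; the function and type names are this example's own.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"strconv"
	"strings"
)

// Message numbers from RFC 4254.
const (
	msgGlobalRequest = 80 // SSH_MSG_GLOBAL_REQUEST
	msgChannelOpen   = 90 // SSH_MSG_CHANNEL_OPEN
)

// ForwardSpec is the parsed form of the ssh -L/-R argument sourcePort:DEST-HOST:destPort.
type ForwardSpec struct {
	SourcePort int
	DestHost   string
	DestPort   int
}

// ParseForwardSpec accepts "8080:localhost:80" and rejects malformed input.
func ParseForwardSpec(s string) (ForwardSpec, error) {
	parts := strings.Split(s, ":")
	if len(parts) != 3 {
		return ForwardSpec{}, errors.New("want sourcePort:DEST-HOST:destPort")
	}
	src, err1 := strconv.Atoi(parts[0])
	dst, err2 := strconv.Atoi(parts[2])
	if err1 != nil || err2 != nil || src < 1 || src > 65535 || dst < 1 || dst > 65535 || parts[1] == "" {
		return ForwardSpec{}, errors.New("bad port or empty host in " + s)
	}
	return ForwardSpec{SourcePort: src, DestHost: parts[1], DestPort: dst}, nil
}

// sshString encodes an RFC 4251 "string": uint32 length followed by the bytes.
func sshString(s string) []byte {
	b := make([]byte, 4+len(s))
	binary.BigEndian.PutUint32(b, uint32(len(s)))
	copy(b[4:], s)
	return b
}

// u32 encodes an RFC 4251 uint32 (big-endian).
func u32(v uint32) []byte {
	b := make([]byte, 4)
	binary.BigEndian.PutUint32(b, v)
	return b
}

// DirectTCPIPOpen is what the client sends for -L, once per connection it accepts
// on sourcePort: SSH_MSG_CHANNEL_OPEN "direct-tcpip" asking SSH-HOST to connect to
// DEST-HOST:destPort on its behalf (RFC 4254 section 7.2). sourcePort itself is
// never sent; the originator fields describe the program that connected locally.
func DirectTCPIPOpen(spec ForwardSpec, senderChannel, windowSize, maxPacket uint32, originHost string, originPort uint32) []byte {
	m := []byte{msgChannelOpen}
	m = append(m, sshString("direct-tcpip")...)
	m = append(m, u32(senderChannel)...)
	m = append(m, u32(windowSize)...)
	m = append(m, u32(maxPacket)...)
	m = append(m, sshString(spec.DestHost)...)
	m = append(m, u32(uint32(spec.DestPort))...)
	m = append(m, sshString(originHost)...)
	m = append(m, u32(originPort)...)
	return m
}

// TCPIPForward is what the client sends once for -R: SSH_MSG_GLOBAL_REQUEST
// "tcpip-forward" asking SSH-HOST to listen on sourcePort (RFC 4254 section 7.1).
// DEST-HOST:destPort is not part of the message: when a connection arrives the
// server opens a "forwarded-tcpip" channel and the client connects locally.
// bindAddr "localhost" means loopback only, "" means all interfaces (whether sshd
// honours the latter is what its GatewayPorts setting controls).
func TCPIPForward(spec ForwardSpec, bindAddr string, wantReply bool) []byte {
	m := []byte{msgGlobalRequest}
	m = append(m, sshString("tcpip-forward")...)
	if wantReply {
		m = append(m, 1)
	} else {
		m = append(m, 0)
	}
	m = append(m, sshString(bindAddr)...)
	m = append(m, u32(uint32(spec.SourcePort))...)
	return m
}

func main() {
	local, _ := ParseForwardSpec("8080:localhost:80")
	fmt.Printf("-L sends per connection: % x\n", DirectTCPIPOpen(local, 0, 2<<20, 32768, "127.0.0.1", 51234))
	remote, _ := ParseForwardSpec("80:localhost:80")
	fmt.Printf("-R sends once:           % x\n", TCPIPForward(remote, "localhost", true))
}
```

Note that "localhost" inside the -L message is resolved by the server, and inside a -R forward by the client; the same string names two different machines in the two examples on this slide.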

Protection from attacks

• Eavesdropping or Password Sniffing: every packet after the key exchange is
encrypted, so a password sent with the password method is not visible on the wire
• Man-in-the-Middle Attack (MITM): the server signs the key exchange with its
host key, but this only defeats an impostor if the client checks that key against
a value it already knows (known_hosts). On a first connection the client usually
accepts whatever key it is shown, so that first connection is where MITM remains
possible
• Insertion and Replay Attacks: every packet carries a MAC computed over the
packet and its implicit sequence number, so an inserted, modified, reordered or
replayed packet fails the MAC check and the connection is torn down
