Secure Shell

Uploaded by

sam

SECURE SHELL

TABLE OF CONTENTS

01 INTRODUCTION - What is SSH?
02 HISTORY - Creator of SSH
03 LAYERS OF SSH PROTOCOL - Transport layer protocol, User Authentication protocol & Connection Protocol
04 ATTACKS ON SSH - Type of attacks possible in SSH
05 SYSTEM / USER CONFIGURATION FILES - Config files with folders

01 INTRODUCTION

SSH is a protocol for secure remote login and other


secure network. - RFC 4251

Secure channel between two computers; it provides data confidentiality and integrity.

Many uses other than remote shell


02 HISTORY

SSH-1 designed in 1995 by Tatu Ylönen

Ylönen founded SSH Communications Security in December 1995

SSH-2 designed in 1996

Open Source Implementation (OSSH and OpenSSH) created in 1999

03 LAYERS OF SSH PROTOCOL

SSH PROTOCOL LAYERS
[Diagram: Transport Layer, Authentication Layer, Connection Layer]

03 LAYERING OF SSH PROTOCOLS

● Transport Layer Protocol - It provides server authentication, confidentiality and integrity

● User Authentication Protocol - It authenticates the client-side user to the server

● Connection Protocol - It multiplexes the tunnel into logical channels

● New can co-exist with the existing ones.


03 TRANSPORT LAYER PROTOCOL
Public-key host authentication -
● Lets the client know the correct server is on the other end
● DSS or RSA, raw or through OpenPGP

Strong symmetric encryption -
● Uses Diffie-Hellman algorithm for secure key exchange
● Many ciphers are supported: 3des, blowfish, twofish, aes, etc., most with multiple key sizes
● New key generated every 1 GB or 1 hour

Data Integrity via MACs (Message Authentication Codes) -
● SHA-1 and MD5 are supported

03 USER AUTHENTICATION PROTOCOL

Multiple authentication methods -
● Public-key, password, host-based
● Extensible

Server tells client which methods can be used; client picks the most convenient method

Provides a single authenticated channel to connection protocol

03 CONNECTION PROTOCOL

Provides multiple channels -


● Interactive login sessions
● Remote execution of commands
● Forwarded X11 connections
● Forwarded TCP/IP connections

All channels are multiplexed into a single encryption tunnel


04 ATTACKS ON SSH

Man-in-the-middle:
● Very easy if the client does not have the server's public key prior to connecting.
● Attacker masquerades between the client and server

Denial of Service

Covert Channels

05 SYSTEM CONFIGURATION FILES (OpenSSH)

/etc/ssh/

● sshd_config - SSH server configuration
● ssh_config - SSH client configuration
● ssh_host_*_key - private host keys
● ssh_host_*_key.pub - public host keys
● ssh_known_hosts - list of known public host keys

05 USER CONFIGURATION FILES

~/.ssh/

● id_* - private authentication keys
● id_*.pub - public authentication keys
● known_hosts - list of known public host keys
● authorized_keys - list of allowed public authentication keys
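
The man-in-the-middle risk on the ATTACKS slide comes down to whether the client can check the server's public host key against a value obtained beforehand, which is what the known_hosts files listed above store. The following added example (not part of the original slides) computes the SHA256 fingerprint of a known_hosts-style line and compares it with a pinned fingerprint; the host name, key bytes and function names are constructed for illustration.

```python
import base64
import hashlib
import struct


def parse_host_key(line):
    """Return (key_type, blob) from a known_hosts or ssh_host_*_key.pub line."""
    fields = line.split()
    # Try each adjacent pair so a leading host pattern or marker is skipped.
    for key_type, b64 in zip(fields, fields[1:]):
        try:
            blob = base64.b64decode(b64, validate=True)
        except ValueError:
            continue
        if len(blob) < 4:
            continue
        # The blob starts with a length-prefixed copy of the key type name.
        (n,) = struct.unpack(">I", blob[:4])
        if blob[4:4 + n] == key_type.encode():
            return key_type, blob
    raise ValueError("no well-formed public key in line")


def sha256_fingerprint(blob):
    """Fingerprint in the SHA256:<unpadded base64> form OpenSSH displays."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def host_key_is_pinned(offered_line, pinned_fingerprint):
    """True only if the offered host key matches the fingerprint obtained beforehand."""
    _, blob = parse_host_key(offered_line)
    return sha256_fingerprint(blob) == pinned_fingerprint


def make_sample_line(host, key_bytes):
    """Build a constructed ssh-ed25519 known_hosts line (sample data, not a real host)."""
    def ssh_string(data):
        return struct.pack(">I", len(data)) + data
    blob = ssh_string(b"ssh-ed25519") + ssh_string(key_bytes)
    return f"{host} ssh-ed25519 {base64.b64encode(blob).decode()}"


# Constructed sample data: the key the administrator published, and a different key.
EXPECTED = make_sample_line("server.example", bytes(range(32)))
UNEXPECTED = make_sample_line("server.example", bytes(32))
PINNED = sha256_fingerprint(parse_host_key(EXPECTED)[1])
if __name__ == "__main__":
    print(PINNED, host_key_is_pinned(EXPECTED, PINNED), host_key_is_pinned(UNEXPECTED, PINNED))
```

A mismatch on a host that was previously pinned should be treated as a possible interception and checked with the server's administrator before connecting.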
05 PUBLIC-KEY AUTHENTICATION

$ ssh-keygen -t rsa

$ cat ~/.ssh/id_rsa.pub | ssh <remote-host> 'cat - >> ~/.ssh/authorized_keys'

$ ssh <remote-host>

THANKS
Does anyone have any questions?

ABDUL SAMI (A.K.A 106_Sam)


Cyber Security Researcher, Cyber World Organization, New Delhi

CREDITS: This presentation template was created by Slidesgo, including icons by Flaticon, and infographics & images by Freepik.
Please keep this slide for attribution.
