PYTHON PROGRAMMING

SEMINAR II
Secure Shell

Presented By:

Samuel Alexander V
 What is secure shell?

The Secure Shell Protocol is a cryptographic network protocol for

operating network services securely over an unsecured network. Its
most notable applications are remote login and command-line
execution. SSH applications are based on a client–server architecture,
connecting an SSH client instance with an SSH server
 SSH – Secure Shell
•SSH is a cryptographic protocol
–Implemented in software originally for remote login applications
–One most popular software implementing SSH is PuTTY
–Download and test for free
–http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
–You need a login account on a server (usually Linux) supporting logins through
SSH
•Servers usually operate SSH at TCP port 22
–What is a TCP port?
 SSH Protocol Basics
•Host authentication (to the user)
–Known hosts
•Server on the list of trusted hosts on client machine
•Danger of spoofing
•User authentication (to the server)
–Password based
•User enters a username and password
•Sent encrypted with Server’s public key
–RSA/DSA
•Server maintains copy of user’s public key
•Method 1: signed session id: The client signs a session id. The server verifies it with the
corresponding public key
•Method 2: challenge-response: Server encrypts a random number with the user’s public
key; Client proves identity by decrypting it.
 Uses and Advantages of SSH

•SSH Overcomes limitation of Telnet

–Of transmitting passwords in clear on networks on the way to
the server
•Originally designed for remote login
–But can also be used for encrypted file transfer
•Increasingly used to transport other applications
–This is called SSH port forwarding or tunnelling
 SSH-Architecture
•Client-Server architecture
•An SSH server program listens on a computer’s TCP port
22
•An SSH Client program (e.g. PuTTY) requests connection
to the server
•Disconnects when finished
•Or when server announces time out
 SSH - Software

•Several implementations for both SSH Client and Servers exist

–PuTTY is just one of them (and the most popular)
•Linux:
–Client: OpenSSH Client (most popular)
•Run at the command line with the command “ssh”
–Server: OpenSSH Server (most popular)
•Either starts automatically at startup or by typing command “sshd” (stands for ssh
daemon)
•Windows:
–Client: PuTTY (most popular)-Has a GUI
–Server: SSH Server by OpenSSH
•Uncommon but not impossible to have SSH Server on Desktop machine
 Port forwarding –more examples
•Say your academic institution subscribed to journals and articles from
various websites
–Where authentication is based on the institution’s IP address range
–Meaning that only people within the institution (physically) can get
access
•But if you can forward a local port on the Web Proxy via a SSH server
accessible from outside, you can appear to websites as though you
are accessing from within your institution
Thank
You..,