1 The Saigon CTT Chapter 16 Remote Connectivity

2 Objectives
- Explain: telnet, rsh, ssh
- Configure FTP

3 Telnet
- Telnet is used to communicate with a host through the telnet protocol on default port 23.
- It operates on a client/server basis. The client requires an account on the server to log in.
- Most telnet servers will not allow you to log in as root, for security reasons. You can log in as a normal user and su to root.

4 Telnet
- Telnet is an insecure protocol: the username and password are sent from client to server across the network in clear text.
- Why do people still use it? Telnet can be used for debugging text-based protocols: HTTP, SMTP and POP.

5 Relevant File - ~/.telnetrc
- When a user has a .telnetrc file in their home directory, telnet will execute the commands listed in this file.
    # this is a comment
    saigonctt send ayt
    DEFAULT environ export USER

6 Telnet Commands
- Command format: telnet [IP address|host name] [port]
- If telnet is executed without options, it starts in command mode with the prompt "telnet>".
- You can switch to command mode by pressing "Ctrl-]" after connecting.

7 Telnet Commands
    ?, h, help     Lists commands with descriptions
    ?              More information on a command (arg)
    open           Opens a connection to the IP address or host name
    close = quit   Terminates the connection from the client
    logout         Requests the server to terminate the connection
    send           Sends a special character sequence to the server
    status         A brief status report of telnet
    ...
  (See # man telnet for more commands)

8 The r Commands
- There are 3 programs:
    rlogin   Remote login
    rsh      Remote shell, executes a command
    rcp      Remote copy
- A password is NOT required if the following files are configured:
    /etc/hosts.equiv (system-wide)
    $HOME/.rhosts (per-user)
  (Entry: [+|-] [hostname] [username])

9 The r Commands
- rlogin: similar to telnet
    rlogin [-l username]
- rsh: executes a command on the remote host
    rsh [-l username]
- Shell meta-characters can be used in the command. To have rsh interpret the meta-characters on the remote machine, put quotation marks around them. If not quoted, meta-characters are interpreted on the local machine:
    # rsh -l minh saigonctt "cat ~/file" > local_file
    # rsh -l minh saigonctt "cat ~/file" ">" remote_file

10 The r Commands
- rcp: copies files between machines
    rcp @ :
- Examples:
    rcp /home/file minh@saigonctt:/backup
    rcp minh@saigonctt:/backup/file /home
    rcp -r /etc minh@saigonctt:/backup/etc
    rcp -p /etc minh@saigonctt:/backup/etc

11 Security of r Commands
- Security centers around the idea of trusted users and hosts, NOT password authentication.
- Trusted hosts are also known as equivalent hosts.
- If NO hosts.equiv is present, NO hosts are trusted.
- The .rhosts file is used to control access to an individual user account.
- It grants/denies password-free access to an individual user account by means of .rhosts.
- hosts.equiv does NOT work with the root account, but .rhosts does.
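Because these files replace password checks with trust, it is worth reviewing what each entry actually grants. The following Python code is an added example, not part of the original presentation: it reads entries in the "[+|-] [hostname] [username]" form described above and rates each one. The function name, the severity labels, the treatment of "#" as a comment marker and the sample file are assumptions made for the example.

```python
# Added example: rate the trust granted by hosts.equiv / .rhosts entries.
# Entry form taken from the slides: [+|-] [hostname] [username]

# Constructed sample .rhosts content (not from a real system).
SAMPLE_RHOSTS = """\
# constructed sample for the audit below
saigonctt minh
+ +
-badhost
backup01 +
+
"""

def audit_trust_entries(text, system_wide=False):
    """Return (line_no, severity, reason) for every entry that grants trust.

    system_wide=True means the text comes from /etc/hosts.equiv, where a
    named remote user is trusted for local accounts in general.
    """
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # assumption: '#' starts a comment
        if not line:
            continue
        fields = line.split()
        host = fields[0]
        user = fields[1] if len(fields) > 1 else ""
        if host.startswith("-") or user.startswith("-"):
            continue  # '-' entries deny access, so they grant nothing
        any_host = host == "+"
        any_user = user == "+"
        if any_host and any_user:
            findings.append((line_no, "critical", "any user on any host is trusted"))
        elif any_host:
            findings.append((line_no, "high", "every host is trusted"))
        elif any_user:
            findings.append((line_no, "high", f"every user on {host} is trusted"))
        elif user and system_wide:
            findings.append((line_no, "medium",
                             f"{user}@{host} is trusted for any non-root local account"))
        else:
            findings.append((line_no, "info",
                             f"trusted: {user or 'same-named user'}@{host}"))
    return findings

if __name__ == "__main__":
    for line_no, severity, reason in audit_trust_entries(SAMPLE_RHOSTS):
        print(f"line {line_no}: [{severity}] {reason}")
```
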

12 SSH - Secure Shell
- SSH was originally authored by Tatu Ylonen in Finland as a replacement for telnet, rlogin, rsh and rcp.
- Everything SSH sends across the network is encrypted. SSH has become the de facto standard for remote connections.
- SSH can handle X connections.

13 SSH Features
- Strong authentication with RSA, SecurID, S/Key, Kerberos and TIS
- Secure X11 sessions
- Arbitrary TCP/IP ports can be redirected through the encrypted channel in both directions
- For forwarding, ssh captures on port 6010
- Optional compression of all data with gzip
- Complete replacement for rlogin, rsh, rcp

14 Components of SSH1
    sshd                   Server
    ssh                    Client
    scp                    Secure file copy, replaces rcp
    ssh-keygen             Creates RSA keys (host key and authentication keys)
    ssh-agent              Authentication agent, used to hold RSA keys for authentication
    ssh-add                Used to register a new key with the agent
    make-ssh-known-hosts   Used to create the /etc/ssh/ssh_known_hosts file

15 Components of SSH2
    sshd2          Server
    ssh2           Client
    sftp-server2   SFTP server (executed by sshd2)
    sftp2          SFTP client (needs ssh2)
    scp2           Secure file copy, replaces rcp

16 Components of SSH2
    ssh-keygen2    The utility for generating keys
    ssh-agent2     Authentication agent, used to hold RSA keys for authentication
    ssh-add2       Adds an identifier to the authentication agent
    ssh-askpass2   X11 utility for querying the password

17 SSH2 Changes
- SSH has been 98% rewritten
- Supports other key-exchange methods besides RSA: Diffie-Hellman key exchange
- Support for DSA and other public key algorithms besides RSA

18 SSH2 Changes
- Newly added feature: sftp, the secure file transfer protocol
- More secure, and allows integration into public key infrastructures
- Supports "subsystems", platform-independent modules, built-in SOCKS, ...

19 Install SSH1 - from OpenSSH
- For legal reasons, SSH is not included by default in Linux. You can download and install it from source code or from OpenSSH.
- The OpenSSH suite includes:
    ssh (replaces telnet and rlogin)
    scp (replaces rcp)
    sftp (replaces ftp)

20 Install SSH1 - from OpenSSH
- Server: openssh-server-xxx.rpm (sshd, sshd_config, sftp-server, ...)
- Client: openssh-clients-xxx.rpm (ssh, ssh_config, sftp, ...)
- Additional tools: openssh-xxx.rpm (scp, ssh-keygen, ...)

21 Configure SSH1
- Configuration files:
    Server: /etc/ssh/sshd_config
    Client: /etc/ssh/ssh_config
- These files contain keyword-value pairs, one per line, with '#' starting a comment. Keywords are case sensitive:
    # more /etc/ssh/sshd_config
    Port 22
    ListenAddress 0.0.0.0
    PermitRootLogin yes
    IgnoreRhosts yes
    RhostsAuthentication no
    RSAAuthentication yes
    PasswordAuthentication yes
    ...
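The listing on this slide permits root login over SSH, while the telnet slides note that root login is normally refused for security. The following Python code is an added example, not part of the original presentation: it parses the keyword-value format and reports where a file differs from the values this example assumes are wanted (PermitRootLogin no, IgnoreRhosts yes, RhostsAuthentication no). Function names and the expected values are assumptions; the sample is the slide's listing with spacing restored.

```python
# Added example: check an sshd_config against a small expected baseline.
# Keywords are matched case-insensitively here, as OpenSSH's sshd_config(5)
# documents, so a differently-cased keyword is not missed by the check.

# Assumed baseline, built from keywords that appear on the slide.
EXPECTED = {
    "permitrootlogin": "no",       # log in as a normal user, then su to root
    "ignorerhosts": "yes",         # do not honour per-user .rhosts files
    "rhostsauthentication": "no",  # no login based on host trust alone
}

# The slide's listing with spacing restored (sample input for this example).
SLIDE_CONFIG = """\
Port 22
ListenAddress 0.0.0.0
PermitRootLogin yes
IgnoreRhosts yes
RhostsAuthentication no
RSAAuthentication yes
PasswordAuthentication yes
"""

def parse_sshd_config(text):
    """Parse 'keyword value' lines into a dict; '#' lines are comments."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        keyword = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        # OpenSSH uses the first value obtained for a keyword, so a later
        # duplicate line must not override an earlier one.
        settings.setdefault(keyword, value)
    return settings

def audit_sshd_config(text):
    """Return (keyword, actual, wanted) for each deviation from EXPECTED."""
    settings = parse_sshd_config(text)
    findings = []
    for keyword, wanted in EXPECTED.items():
        actual = settings.get(keyword)
        if actual is None:
            findings.append((keyword, "unset", wanted))  # default varies by version
        elif actual.lower() != wanted:
            findings.append((keyword, actual, wanted))
    return findings

if __name__ == "__main__":
    for keyword, actual, wanted in audit_sshd_config(SLIDE_CONFIG):
        print(f"{keyword}: found {actual!r}, expected {wanted!r}")
```
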

22 File Transfer - ftp
- ftp (file transfer protocol) provides a service for transferring files from/to your computer.
- All Linux distributions offer the wu-ftpd program, which is an ftp daemon developed at Washington University.
- wu-ftpd is the most common daemon on the Internet.

23 FTP - Relevant Files
- /etc/ftpaccess
- /etc/ftphosts
- /etc/ftpusers
- /etc/ftpconversion

24 /etc/ftpaccess
- It is the main configuration file.
    class all real,guest,anonymous *
    email root@localhost
    loginfails 5
    message /welcome.msg login
    message .message cwd=*
    compress yes all
    tar yes all
    chmod no guest,anonymous
    delete no anonymous
    rename no anonymous
    ...

25 /etc/ftphosts
- It is used to allow or deny access to certain accounts from various hosts.
    allow henry 10.1.2.3
    deny fred example.org 10.2.3.*

26 /etc/ftpusers
- It contains the login names of users who are NOT allowed to log in to your system.
    root
    bin
    daemon
    adm
    lp
    mail
    news
    uucp
    ...

27 Proftpd
- It is another powerful ftp server, not as popular as wu-ftpd but easier to configure and more secure.
- It can run as a stand-alone server or from inetd.
- Relevant files:
    /usr/sbin/in.proftpd: server daemon
    /etc/proftpd.conf: main configuration file

28 /etc/proftpd.conf

29 The End

