SSH SSH is “Secure SHell” Secure, compressed, widely supported, fast Allows both users to get jobs done, and also allows system administrators to sleep.

Presentation transcript:

SSH
SSH is “Secure SHell”
Secure, compressed, widely supported, fast
Allows both users to get jobs done, and also allows system administrators to sleep at night
Clients for every platform

What SSH can do
Allows you to remotely log into systems and run commands
Forward traffic over the SSH link (tunnel)
Copy files
Run commands without logging in

SSH basics

Problems already
1. Always have to type my username in
2. Always have to type in full hostname
3. Always have to type in my password

Problems already
Default behaviour
– Tries to connect to the remote server using the username of your currently logged-in user
– This can be problematic, especially for Macs
– Uses the domain name of your local machine (so can’t ssh ui from everywhere in the world)

Problem solved
You can override default behaviour by using a config file in your home directory
– location is ~/.ssh/config

Problem solved 1.Username

Problem solved
1. Username
Helps because Physics blocks/bans your IP address if you try connecting incorrectly more than 5 times
– a common cause of this is a wrong username

Problem solved 2. Full hostname

Problem solved 3. Password

Problem solved
5. Create private/public key pair (ssh-keygen)
Upload public key to remote server (ssh-copy-id)
Unlock private key (ssh-add)
SSH using keypair
– Perfect for automated jobs and scripts!
– Won’t work with lxplus
– Make sure you password protect your SSH private key
– Keep private key secure!

Other config options
Wildcards and regex are allowed
– e.g. Host * and Host *.ph.unimelb.edu.au will both work
– Note that it reads the file from top down, and stops at the first entry that matches

Background of network in Physics
ui.atlas.unimelb.edu.au -> Tier 3 log in node
– restricted to hosts on AARNet network (uni’s)
baker.ph.unimelb.edu.au -> School of Physics SSH gateway
– accessible anywhere
All other hosts
– firewalled (inaccessible)
– May think that this restricts you....

SSH forwarding
When you ssh, it opens a persistent connection with SSH server
We can use this connection to make other traffic travel “through” it
– e.g. VNC, NX, SSH, web, files
SSH will secure this traffic too! (basis for things like TOR and VPN)

SSH forwarding
ssh -L localport:otherhost:otherhostport

SSH forwarding

Connections to local port 2222 get redirected over SSH to remote ssh server, which then redirects to port 22 on ui.atlas.unimelb.edu.au – perfect for SSH’ing “directly” to UI, or for copying files from “non-Uni” places

SSH forwarding

Original connection must still be open! (i.e. can’t close window or disconnect)
Can do funky stuff, like be a “catch all” forwarder, for things like web (investigate the -D option in ssh and SOCKS proxy)
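The config-file fixes (username, full hostname, key pair) and the port-2222 forward from the slides above, combined into one client config and checked with `ssh -G`; this is an added example, not part of the original presentation. The username `jsmith`, the key path and the aliases `baker` and `ui-via-baker` are assumptions, and `HostKeyAlias` is added so the host key seen on localhost:2222 is verified under ui's real name.

```shell
#!/bin/sh
# Added example, not from the slides. "jsmith", the key path and the
# aliases "baker" / "ui-via-baker" are constructed placeholders.

write_demo_config() {
    # $1 = file to write (for real use this would be ~/.ssh/config)
    ( umask 077; cat > "$1" <<'EOF'
# Gateway, reachable from anywhere: "ssh baker" is now enough.
Host baker
    HostName baker.ph.unimelb.edu.au
    User jsmith
    IdentityFile ~/.ssh/id_ed25519
    # Same as: ssh -L 2222:ui.atlas.unimelb.edu.au:22 baker
    LocalForward 2222 ui.atlas.unimelb.edu.au:22

# Tier 3 login node, reached through the forward above.
Host ui-via-baker
    HostName localhost
    Port 2222
    User jsmith
    IdentityFile ~/.ssh/id_ed25519
    # Check the host key under ui's name, not "[localhost]:2222".
    HostKeyAlias ui.atlas.unimelb.edu.au
EOF
    )
}

effective_setting() {
    # $1 = config file, $2 = host alias, $3 = lower-case keyword.
    # "ssh -G" prints the settings ssh would use, without connecting.
    ssh -F "$1" -G "$2" 2>/dev/null |
        awk -v k="$3" '$1 == k { print $2; exit }'
}

demo_cfg=$(mktemp)
write_demo_config "$demo_cfg"
if command -v ssh >/dev/null 2>&1; then
    for h in baker ui-via-baker; do
        echo "$h -> $(effective_setting "$demo_cfg" "$h" user)@$(effective_setting "$demo_cfg" "$h" hostname)"
    done
fi

# Real use (needs network access and an account on baker):
#   ssh-keygen -t ed25519; ssh-copy-id baker; ssh-add   # key setup, once
#   ssh -N baker &        # tunnel; must stay open while it is used
#   ssh ui-via-baker      # or: scp somefile ui-via-baker:
```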

NX
X is the graphical display manager in Linux
It is bulky, and insecure over the network
Can forward this display using NX (NoMachine)
Heavily compresses data, making it easier to display overseas/at home

NX
For Melbourne, baker[1-6] have NX servers
From home, port forward to port 22 on baker[1-6] through baker.ph.unimelb.edu.au
Use NX client to connect to the forwarded port