OpenSSH: A Telnet Replacement Presented by Aaron Grothe Heimdall Linux, Inc.

Slides:



Advertisements
Similar presentations
Network Security.
Advertisements

Sonny J Zambrana University of Pennsylvania ISC-SEO November 2008.
SSH Operation and Techniques - © William Stearns 1 SSH Operation and Techniques The Swiss Army Knife of encryption tools…
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.
Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.
OpenSSH (SSH - Secure SHell) Silvio C. Sampaio Doctoral Programme in Informatics Engineering PRODEI011 - Computer Systems Security –
SSH: An Internet Protocol By Anja Kastl IS World Wide Web Standards.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
Guide To UNIX Using Linux Third Edition
COS 420 DAY 24. Agenda Assignment 5 posted Chap Due May 4 Final exam will be take home and handed out May 4 and Due May 10 Student evaluations Latest.
TCP/IP - Security Perspective Upper Layers CS-431 Dick Steflik.
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.
Firewalls, Perimeter Protection, and VPNs - SANS © SSH Operation The Swiss Army Knife of encryption tools…
Cs490ns-cotter1 SSH / SSL Supplementary material.
Ssh: secure shell. overview Purpose Protocol specifics Configuration Security considerations Other uses.
SSH Secure Login Connections over the Internet
Telnet/SSH: Connecting to Hosts Internet Technology1.
Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.
OpenInfreno An Open Source RootWars Platform Dennis W. “LittleW0lf” Mattison
Chapter 10 Networking and the Internet ITSC 1458.
Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.
Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.
The Saigon CTT Chapter 16 Remote Connectivity. The Saigon CTT  Objectives  Explain : telnet rsh ssh  Configure FTP.
Secure Shell for Computer Science Nick Czebiniak Sung-Ho Maeung.
Shell Protocols Elly Bornstein Hiral Patel Pranav Patel Priyank Desai Swar Shah.
SSH and SSL CIT304 University of Sunderland Harry R. Erwin, PhD.
Andreas Steffen, , 11-SSH.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen M. Liebi Institute for Internet Technologies and Applications.
Chapter 1: The Internet and the WWW CIS 275—Web Application Development for Business I.
TCP/IP fundamentals Unit objectives Discuss the evolution of TCP/IP Discuss TCP/IP fundamentals.
AE6382 Secure Shell Usually referred to as ssh, the name refers to both a program and a protocol. The program ssh is one of the most useful networking.
Directory and File transfer Services By Jothi. Two key resources Lightweight Directory Access Protocol (LDAP) File Transfer protocol Secure file transfer.
CSCE 815 Network Security Lecture 26 SSH and SSH Implementation April 24, 2003.
Tunneling and Securing TCP Services Nathan Green.
Application Services COM211 Communications and Networks CDA College Theodoros Christophides
Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 13 FTP and Telnet.
Secure Shell (SSH) Presented By Scott Duckworth April 19, 2007.
SSH Operation The Swiss Army Knife of encryption tools…
REMOTE LOGIN. TEAM MEMBERS AMULYA GURURAJ 1MS07IS006 AMULYA GURURAJ 1MS07IS006 BHARGAVI C.S 1MS07IS013 BHARGAVI C.S 1MS07IS013 MEGHANA N. 1MS07IS050 MEGHANA.
ORAFACT The Secure Shell. ORAFACT Secure Shell Replaces unencrypted utilities rlogin and telnet rsh rcp Automates X11 authentication Supports tunneling.
FTP File Transfer Protocol Graeme Strachan. Agenda  An Overview  A Demonstration  An Activity.
SSH Tricks Slide 1 SSH Tricks Matthew G. Marsh. SSH Tricks Slide 2 Overview  SSH –What is it –How does it work  Discussion of Network Topology –Tricks.
Phil Hurvitz Securing UNIX Servers with the Secure.
SSH Tricks for CSF Slide 1 NEbraskaCERT SSH Tricks Matthew G. Marsh 05/21/03.
1 SSH / SSL Supplementary material. 2 Secure Shell (SSH) One of the primary goals of the ARPANET was remote access Several different connections allowed.
Protocols COM211 Communications and Networks CDA College Olga Pelekanou
Team 6 Decrypting Encryption Jeffrey Vordick, Charles Sheefel, and Shyam Rasaily.
Introduction to UNIX CS 2204 Class meeting 1 *Notes by Doug Bowman and other members of the CS faculty at Virginia Tech. Copyright
SECURE SHELL MONIKA GUPTA COT OUTLINE What is SSH ? What is SSH ? History History Functions of Secure Shell ? Functions of Secure Shell ? Elements.
SSH. 2 SSH – Secure Shell SSH is a cryptographic protocol – Implemented in software originally for remote login applications – One most popular software.
Linux 101 Mark C. Ballew ACES Program Desert Research Institute.
1 Example security systems n Kerberos n Secure shell.
Secure Communications ● Cleartext vs. encryption and encapsulation ● Protocols not to use ● SSH – scp/ftp – SSH tunnelling ● VPN.
1 Free Electrons. Kernel, drivers and embedded Linux development, consulting, training and support. http//free-electrons.com SSH Thomas Petazzoni Free.
Overview – SOE Openssh Sep 2014.
Secure services Unit-IV CHAP-1
Overview – SOE Openssh Dec 2013.
Ssh: secure shell.
Overview – SOE Openssh v7.1p1
SECURE SHELL MONIKA GUPTA COT 4810.
Module 4 Remote Login.
File Transfer Olivia Irving and Cameron Foss
SSH – The ‘Secure’ Shell
Telnet/SSH Connecting to Hosts Internet Technology.
Lab 7 - Topics Establishing SSH Connection Install SSH Configure SSH
Linux Security.
SSH – the practical solution
Chapter 7 Network Applications
MESSAGE ACCESS AGENT: POP AND IMAP
Presentation transcript:

OpenSSH: A Telnet Replacement Presented by Aaron Grothe Heimdall Linux, Inc.

Overview ¥Questions ¥Top 5 Rejected Presentation Titles ¥History of OpenSSH ¥What OpenSSH offers ¥How OpenSSH differs from SSH ¥Why OpenSSH? ¥Diagram of an OpenSSH connection ¥Where to get OpenSSH ¥Installing OpenSSH ¥Demonstration ¥Q & A

Questions ¥How many of you use telnet to connect to remote computers? ¥How many of you use pop-3 to access a remote mailbox over the internet? ¥How many of you use non-anonymous ftp to access remote machines?

Top 5 Rejected Presentation Titles ¥Telnet Must Die ¥Poor Man's VPN ¥Welcome to Telnet, You've Been Hacked ¥OpenSSH Good ¥OpenSSH Choice of a New Generation

History of OpenSSH ¥Secure Shell (SSH) was developed by Tatu Ylönen as a replacement for the BSD "r-commands", rsh, rlogin, rcp ¥SSH can also be used as a replacement for telnet and ftp ¥SSH can also be used for port forwarding/encrypting regular tcp traffic (E.g. Pop- 3, X11, etc)

History of OpenSSH (2) ¥SSH was originally released with a very liberal license ¥SSH inc. was formed to take care of the commercialization of SSH ¥Over time SSH's license became more restrictive – For almost any commercial use you needed a license

History of OpenSSH (3) ¥Björn Grönvall took an early version of SSH (v1.2) with the more liberal license and began to release patches/updates to it ¥Björn called his product OSSH ¥Added support for SSH protocol v1.5 ¥OSSH available at ftp://ftp.pdc.kth.se/pub/krypto/ossh/ ftp://ftp.pdc.kth.se/pub/krypto/ossh/

History of OpenSSH (4) ¥The OpenBSD group needed a replacement for the BSD r-commands, so they decided to create OpenSSH based upon OSSH ¥The OpenBSD group has put the whole of the OpenSSH source code as used in OpenBSD through a through code review

History of OpenSSH (5) ¥The OpenBSD group decided to create a version of OpenSSH that would be portable to a variety of operating systems (AIX, SCO UNIX, Linux, Windows, etc.) ¥OpenBSD uses the SSL libraries created by the OpenSSL group to create the portable versionhttp://

What OpenSSH offers ¥OpenSSH is an Open Source replacement for both SSH and everything SSH can replace ¥OpenSSH implements v2 of the SSH protocol (defined as an RFC-draft)

How OpenSSH differs from SSH ¥OpenSSH is Open Source ¥OpenSSH has an active user community for support ¥OpenSSH is free to use ¥SSH offers commercial support contracts ¥SSH has recently revised their license to allow for more free use on Linux and BSD platforms ¥SSH is a commercial product with all the pros and cons associated with that

Why OpenSSH? ¥The SSH protocol encrypts all traffic between machines are encrypted. Telnet does not encrypt any information, passwords and account ids are passed in the clear. ¥OpenSSH is a free program implementing the SSH protocol ¥OpenSSH has been reviewed by a team of security experts to reduce the number of bugs in it

Diagram of an SSH session ¥2 machines Home and Work exist connected by a network Home Work

Diagram of an SSH session ¥A User on home wants to login into Work remotely ¥On home the user enters the command – # ssh work ¥Home connects to Work and compares the key for Work it has in its local database. ¥If the key doesn't exist it asks the user if they want to accept the key Work is offering ¥The user accepts the key or the key stored on the system is retrieved

Diagram of an SSH session (2) ¥A session key is negotiated between the two systems ¥Home then asks the user for the account password on Work if necessary ¥The login information is then used an attempt to login is performed

OpenSSH & Patents ¥RSAThe RSA patent has expired, allowing the free use of their algorithms ¥IDEA still has some restrictions in Europe, the OpenSSH directions detail how to compile OpenSSH to not use that algorithm if needed

Demonstration (telnet & rlogin) ¥Using OpenSSH as a replacement for telnet and rlogin ¥Acess remote machine from local machine – # ssh work

Demonstration (rsh) ¥Using OpenSSH as a replacement for rsh ¥Perform a command on the remote command – # ssh work ls

Demonstration (rcp) ¥Using OpenSSH as a replacement for rcp ¥Copy a file from the remote machine to my local machine – # scp work:/testfile.

Demonstration (ftp) ¥Using OpenSSH as a replacement for ftp ¥To replace ftp you need to use xbill – # sftp work – # ls – # get filename – # close

Demonstration (X11 forwarding) ¥Using OpenSSH as a replacement for to automatically encrypt forward an X11 session ¥Start a session on the remote machine and pop up an application like eyes (note: use -C option for compression) – # ssh -C -X work – # xeyes

Cool things I'm not showing ¥Using ssh as a secure transport mechanism pop-3 wrapper ¥Using the authentication-agent. Authentication- agent is a cool tool that allows you to store keys in memory so you don't have to retype the passwords all the time ¥Smartcard support ¥Kerebos authentication

Lessons From OpenSSH ¥An Open Source product can become an integral part of your security planning ¥Be careful what license you use for releasing software ¥Telnet should be replaced by openssh ¥The BSD r-commands: rcp, rsh, rlogin should be replaced by more secure replacements

Alternatives to OpenSSH (1) ¥Alternative implementations of SSH Protocol – LSH is a GPL replacement for SSH/OpenSSH sh/lsh " Designed with the goal of total compatibility with SSH " Development should pick up now that the RSA patent has expired " Not as well-developed at this time as OpenSSH

Alternatives to OpenSSH (2) ¥Alternative protocols – SSLwrap wraps any protocol in an SSL-protected tunnelhttp:// " Uses original protocol with minimal modifications use telnet/ftp/rcp securely " Have to modify each individual protocol separately " Author admits it has not been heavily tested

Website References ¥OpenSSH HOWTO – linux.com/openssh/index.html ¥OpenSSH Homepage – ¥SSH Homepage – ¥This presentation (talks page at Heimdall Linux) –

Usenet Groups ¥comp.security.ssh or – General purpose newsgroup talks about ssh, openssh, ossh and the SSH protocol

Books ¥Unix Secure Shell – Author: Anne Carasik: ISBN: – Details mostly SSH ¥SSH, the Secure Shell : The Definitive Guide – Authors: Daniel J. Barrett, Richard Silverman – ISBN: – Not currently published

Contacting Me

Q & A ¥Questions

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.