Overview – SOE Openssh Sep 2014.


1 Overview – SOE Openssh Sep 2014

2 What is SOE Openssh?
- It's a FREE version of the SSH connectivity tools
- Provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol versions.
- An Open Source replacement for both SSH and everything SSH can replace
- Implements v2 of the SSH protocol
- The SSH protocol encrypts all traffic between machines.
- Telnet does not encrypt any information; passwords and account IDs are passed in the clear.
- Using OpenSSH as a replacement for telnet, rlogin, rsh, rcp, ftp, X11.

3 What Security does SOE Openssh provide?
- Data Privacy through Encryption
- Data Integrity to guarantee unaltered communications
- Authentication of users and servers.
- Authorisation of user actions.
- Forwarding to protect other TCP/IP based applications
- Secure X11 sessions

4 How Does OpenSSH Differ from SSH?
- OpenSSH is Open Source
- OpenSSH has an active user community for support
- SSH offers commercial support contracts
- SSH has recently revised their license to allow for more free use on Linux and BSD platforms
- SSH is a commercial product with all the pros and cons associated with that
- An Open Source product can become an integral part of your security planning

5 SOE OpenSSH Composition
- Openssh-6.6p1 - Secure shell component
- OpenSSL-1.0.1h - Cryptography toolkit that implements Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.
- Zlib - Compression library that provides in-memory compression and de-compression functions
- Prngd - Random number generator daemon for systems that lack the /dev/random device.

6 SOE OpenSSH Examples
- Remote host login
    $ /opt/soe/local/bin/ssh Hostx
- File transfer
    $ /opt/soe/local/bin/scp /etc/hosts hostx:/hosts.sourcehost
- Non-interactive file transfer without passphrase
  - Generate and distribute a public key
    $ /opt/soe/local/bin/ssh-keygen -t rsa -N ""
  - Copy the public key
    $ /opt/soe/local/bin/scp ~/.ssh/id_rsa.pub hostx:~/.ssh/authorized_keys2
    $ /opt/soe/local/bin/scp /etc/hosts hostx:~/hosts.sourcehost
- Compression Test
    $ /opt/soe/local/bin/ssh -l userx -C hostx
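
The "Copy the public key" step above writes id_rsa.pub over authorized_keys2, which replaces any keys already authorised on hostx, and the key it installs has no passphrase. The following is an added example, not part of the original slides: a shell function, run on the target host, that appends the key only if it is missing, limits what the key may do, and sets the file modes sshd expects. The names install_pubkey and KEY_OPTS are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original slides).
# Options limiting a passphrase-less key; scp still works without a pty
# or forwarding. All four are standard authorized_keys options.
KEY_OPTS='no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding'

# install_pubkey PUBKEY_FILE AUTH_KEYS_FILE   (hypothetical helper)
# Appends the key, prefixed with KEY_OPTS, unless its base64 blob is
# already present. Existing entries are never overwritten.
install_pubkey() {
    pub=$1
    auth=$2
    dir=$(dirname "$auth")
    ktype='' blob='' comment=''

    # A public key line is "<type> <base64-blob> [comment]".
    # read fails on a missing final newline, so also check ktype.
    read -r ktype blob comment < "$pub" || [ -n "$ktype" ] || return 1
    case $ktype in
        ssh-rsa|ssh-dss|ssh-ed25519|ecdsa-sha2-*) ;;
        *) echo "not a public key: $pub" >&2; return 1 ;;
    esac
    [ -n "$blob" ] || return 1

    # sshd (StrictModes) rejects group- or world-writable key locations.
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Idempotent: a second run for the same key changes nothing.
    if grep -qF -- "$blob" "$auth"; then
        return 0
    fi
    printf '%s %s %s%s\n' "$KEY_OPTS" "$ktype" "$blob" \
        "${comment:+ $comment}" >> "$auth"
}
```

Copy the .pub file to a temporary path on hostx first, then call the function there with that path and ~/.ssh/authorized_keys2 as arguments.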

7 SOE OpenSSH Supported OS
| Operating System | Version | Architecture |
|---|---|---|
| Sun | Solaris 8 | Sun Sparc |
| | Solaris 9 | |
| | Solaris 10 | Sun Sparc/x86-64 Architecture |
| | Solaris 11 | |
| HP-UX | HP-UX11i | HP PA-RISC |
| | HP-UX11i V2 (11.23) | HP PA-RISC/ HP Itanium |
| | HP-UX11i V3 (11.31) | |
| AIX | AIX 5.3 | IBM pSeries |
| | AIX 6.1 | |
| | AIX 7.1 | |
| Linux | RHEL Server 5.x | x86-64 Architecture |
| | RHEL Server 6.x | |
| | RHEL Server 7.0 | |
| | RHEL Workstation 6.x | |
| | RHEL Workstation 7.0 | |
| | Suse 10 | |
| | Suse11 | |
| | Cent OS 5.x (5.5 onwards) | |
| | Cent OS 6.x | |
| | Cent OS 7.0 | |
| | Oracle Enterprise Linux 5.x | |
| | Oracle Enterprise Linux 6.x | |
| | Oracle Enterprise Linux 7.0 | |
| Zlinux | Zlinux 6.x | |
| | Zlinux 7.0 | |

8 UnixSOE Openssh 6.6p1 – What is New?
New features
- Compiled Openssh v6.6p1 with openssl-1.0.1h. See for detailed information. This is primarily a bugfix release.
- Major security fix is: IBM AIX OpenSSL Multiple Vulnerabilities IV, which has multiple OpenSSL vulnerabilities defined by CVE Numbers CVE ,CVE ,CVE , CVE ,CVE
- See for new features.
- ssh(1), sshd(8): this release removes the J-PAKE authentication code. This code was experimental, never enabled and had been unmaintained for some time.
- ssh(1): when processing Match blocks, skip 'exec' clauses if other clauses' predicates failed to match.
- ssh(1): if hostname canonicalisation is enabled and results in the destination hostname being changed, then re-parse ssh_config(5) files using the new destination hostname. This gives 'Host' and 'Match' directives that use the expanded hostname a chance to be applied.
- ssh(1): avoid spurious "getsockname failed: Bad file descriptor" in ssh -W. bz#2200, debian#
- sshd(8): allow the shutdown(2) syscall in seccomp-bpf and systrace sandbox modes, as it is reachable if the connection is terminated during the pre-auth phase.
- ssh(1), sshd(8): fix unsigned overflow in SSH protocol 1 bignum parsing. Minimum key length checks render this bug unexploitable to compromise SSH 1 sessions.
- sshd_config(5): clarify behaviour of a keyword that appears in multiple matching Match blocks. bz#2184
- ssh(1): avoid unnecessary hostname lookups when canonicalisation is disabled. bz#2205
- sshd(8): avoid sandbox violation crashes in GSSAPI code by caching the supported list of GSSAPI mechanism OIDs before entering the sandbox. bz#2107
- ssh(1): fix possible crashes in SOCKS4 parsing caused by assumption that the SOCKS username is nul-terminated.
- ssh(1): fix regression for UsePrivilegedPort=yes when BindAddress is not specified.
- ssh(1), sshd(8): fix memory leak in ECDSA signature verification.
- ssh(1): fix matching of 'Host' directives in ssh_config(5) files to be case-insensitive again (regression in 6.5).

9 Solution Pack Unix SOE & TI Services
Questions & Feedback Product Support Helpline

