Presentation is loading. Please wait.

Presentation is loading. Please wait.

SSH – The ‘Secure’ Shell

Published byLeona Romani Modified over 5 years ago

Similar presentations

Presentation on theme: "SSH – The ‘Secure’ Shell"— Presentation transcript:

1 SSH – The ‘Secure’ Shell
Course: CSCI 5931 Web Security Instructor : Dr.Yang Presented by Karthik Sadasivam 9/20/2018

2 Secure What.. ? ‘Secure shell is a de facto standard for remote logins and encrypted file transfers.’ [SSH communications inc.] Founded in 1995 by Tatu Ylonen, a researcher at Helsinki University of Technology, Finland It provides authentication and encryption for business critical applications to work securely over the internet. Originally introduced for UNIX terminals as a replacement for the insecure remote access “Berkeley services" , viz. rsh, rlogin, rcp, telnet, etc. It can also be used for port forwarding of arbitrary TCP/IP or X11 connections (interactive terminals) It is a layer over TCP/IP and runs on the port 22. 9/20/2018

3 Why SSH? The three core security requirements for a remote access technology – confidentiality, integrity and authentication Most of the earlier technologies lack confidentiality and integrity. For e.g Telnet and FTP transmit username and passwords in cleartext. They are vulnerable to attacks such as IP spoofing, DoS, MITM and eavesdropping. Secure shell satisfies all the three requirements by using: Data Encryption to provide confidentiality Host-based and (or) client-based authentication Data integrity using MACs and hashes 9/20/2018

4 Flavors of SSH There are two incompatible versions of the SSH protocol: SSH-1 and SSH-2 SSH-2 was introduced in order to fix several bugs in SSH-1 and also includes several new features Both versions have technical glitches and are vulnerable to known attacks (discussed later) SSH-1 is more popular nowadays due to licensing issues with SSH-2 OpenSSH is a free version of the SSH with open source code development. It supports both the versions and mainly used in UNIX environment. 9/20/2018

5 The SSH-1 protocol exchange
Server Client Opens a TCP connection to port 22 SSH protocol version exchange e.g ASCII :” SSH ” Server identification {H+S+list of ciphers and authentication methods+cookie} + session parameters Selected data cipher +encrypted session key K(H,S) +cookie Server acknowledgement encrypted with K Secure connection established! Server authenticated 9/20/2018 H – host key ; S- Server Key ; cookie- sequence of 8 random bytes; K- session key

6 The SSH-1 protocol exchange (contd.)
Once secure connection is established, client attempts to authenticate itself to server. Some of the authentication methods used are: Kerberos RHosts and RHostsRSA Public key Password based authentication (OTP) Integrity checking is provided by means of a weak CRC -32 Compression is provided using the “deflate” algorithm of GNU gzip utility. It is beneficial for file transfer utilities such as ftp, scp, etc. 9/20/2018

7 The SSH-2 protocol SSH-1 is monolithic, encompassing multiple functions into a single protocol whereas SSH-2 has been separated into modules and consists of 3 protocols: SSH Transport layer protocol (SSH-TRANS) : Provides the initial connection, packet protocol, server authentication and basic encryption and integrity services. SSH Authentication protocol (SSH-AUTH) : Verifies the client’s identity at the beginning of an SSH-2 session, by three authentication methods: Public key, host based and password. SSH Connection protocol (SSH-CONN) : It permits a number of different services to exchange data through the secure channel provided by SSH-TRANS. A fourth protocol SSH protocol architecture (SSH-ARCH) describes the overall architecture. All the protocols are still in the draft stage. 9/20/2018

8 The SSH-2 protocol (contd.)
9/20/2018 [Source: ‘Analysis of Secure shell vulnerability’ – white paper ]

9 SSH-1 vs SSH-2 SSH-2 SSH-1 Separate transport, authentication and connection protocols One monolithic protocol Strong cryptographic integrity check Weak CRC-32 integrity check No server keys needed due to Diffie Hellman Key exchange Server key used for forward secrecy on the session key Supports public key certificates N/A Algorithms used: DSA, DH, SHA-1, MD5, 3DES, Blowfish, Twofish, CAST-128, IDEA, ARCFOUR RSA, MD5, CRC-32, 3DES, IDEA, ARCFOUR, DES Periodic replacement of session keys 9/20/2018

10 Is SSH really secure? Secure shell does counter certain types of attacks such as: Eavesdropping Name service and IP spoofing Connection hijacking MITM Insertion attack However it fails against these attacks: Password cracking IP and TCP attacks SYN flooding TCP RST, bogus ICMP TCP desynchronization and hijacking Traffic analysis Covert channels 9/20/2018

11 Some known vulnerabilities in SSH
OpenSSH Challenge-Response Authentication Buffer Overflow: A hostile modification to the SSH client floods the server with authentication responses and causes a buffer overflow. [SSH-2] Passive analysis of SSH traffic: It lets the attacker obtain sensitive information by passively monitoring encrypted SSH sessions. The information can later be used to speed up brute-force attacks on passwords, including the initial login password and other passwords appearing in interactive SSH sessions. [SSH-1 & SSH-2] Key recovery in SSH protocol 1.5 : This vulnerability may lead to the compromise of the session key. Once the session key is determined, the attacker can proceed to decrypt the stored session using any implementation of the crypto algorithm used. This will reveal all information in an unencrypted form. [SSH-1] CRC-32 integrity check vulnerability : It is based on the weakness of the CRC-32 integrity that becomes exploitable due to CBC and CFB feedback modes [SSH-1] 9/20/2018

12 Case study : The ‘GOBBLES’ exploit
This exploits the weakness in the challenge-response authentication mechanism of OpenSSH. SSH_MSG_USERAUTH_REQUEST, SSH_MSG_USERAUTH_INFO_REQUEST , SSH_MSG_USERAUTH_INFO_RESPONSE 9/20/2018

13 Case study : The ‘GOBBLES’ exploit (contd.)
Instead of sending the requested number of responses, the client sends a large integer The server allocates memory for these response strings 9/20/2018

14 Case study : The ‘GOBBLES’ exploit (contd.)
9/20/2018

15 Case study : The ‘GOBBLES’ exploit (contd.)
9/20/2018

16 Case study : The ‘GOBBLES’ exploit (contd.)
9/20/2018

17 Case study : The ‘GOBBLES’ exploit (contd.)
9/20/2018

18 SSH tools There are several commercial and freeware SSH tools for UNIX and windows platforms Windows – PuTTY TeraTerm SecureCRT UNIX – The RedHat Linux package and OpenBSD come alongwith tools such as ssh, sshd(daemon), scp(secure copy), sftp(secure ftp), etc. OpenSSH 9/20/2018

19 Bibiliography [1] ‘Securing remote connections with SSH’ – a white paper by SSH communications Security corp. [2] Red Hat tutorials – Chapter 10 SSH : [3] SSH tools - [4] ’Firewalling a Secure Shell Service’ – a white paper [5] Cisco Security Advisory: Multiple SSH Vulnerabilities – pub.html [6] SSH -The Secure Shell :The definitive guide Daniel Barrett & Richard E. Silvermann (O’Reilly publications) [7] ‘Analysis of a Secure Shell vulnerability’ - James M. Mike Anthis A white paper 9/20/2018

Download ppt "SSH – The ‘Secure’ Shell"

Similar presentations

Module XXI Cryptography

Module XXI Cryptography
Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
Cryptography and Network Security Chapter 16

Cryptography and Network Security Chapter 16
SSH Operation and Techniques - © 2001-2006 William Stearns 1 SSH Operation and Techniques The Swiss Army Knife of encryption tools…

SSH Operation and Techniques - © William Stearns 1 SSH Operation and Techniques The Swiss Army Knife of encryption tools…
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Network Security Protocols in Practice Part II.

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Network Security Protocols in Practice Part II.
SSH: An Internet Protocol By Anja Kastl IS 373 - World Wide Web Standards.

SSH: An Internet Protocol By Anja Kastl IS World Wide Web Standards.
Cunsheng Ding HKUST, Hong Kong, CHINA

Cunsheng Ding HKUST, Hong Kong, CHINA
Telnet/SSH Tim Jansen, Mike Stanislawski. TELNET is short for Terminal Network Enables the establishment of a connection to a remote system, so that the.

Telnet/SSH Tim Jansen, Mike Stanislawski. TELNET is short for Terminal Network Enables the establishment of a connection to a remote system, so that the.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
Secure Remote Access: SSH. K. Salah 2 What is SSH?  SSH – Secure Shell  SSH is a protocol for secure remote login and other secure network services.

Secure Remote Access: SSH. K. Salah 2 What is SSH?  SSH – Secure Shell  SSH is a protocol for secure remote login and other secure network services.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.
The Secure Shell Protocol Jia Zhu 2621081 Seminar WS 06/07 Computer Security Chair holder : Prof. Dr. Joachim von zur Gathen Tutor: Michael Nüsken, Daniel.

The Secure Shell Protocol Jia Zhu Seminar WS 06/07 Computer Security Chair holder : Prof. Dr. Joachim von zur Gathen Tutor: Michael Nüsken, Daniel.
Firewalls, Perimeter Protection, and VPNs - SANS ©2001 1 SSH Operation The Swiss Army Knife of encryption tools…

Firewalls, Perimeter Protection, and VPNs - SANS © SSH Operation The Swiss Army Knife of encryption tools…
Cs490ns-cotter1 SSH / SSL Supplementary material.

Cs490ns-cotter1 SSH / SSL Supplementary material.
SSH Secure Login Connections over the Internet

SSH Secure Login Connections over the Internet
1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.

1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.
OpenSSH: A Telnet Replacement Presented by Aaron Grothe Heimdall Linux, Inc.

OpenSSH: A Telnet Replacement Presented by Aaron Grothe Heimdall Linux, Inc.
Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.
Computation for Physics 計算物理概論 Introduction to Linux.

Computation for Physics 計算物理概論 Introduction to Linux.

Similar presentations

Ads by Google