SSH and SSL CIT304 University of Sunderland Harry R. Erwin, PhD.

1 SSH and SSL CIT304 University of Sunderland Harry R. Erwin, PhD

2 Resources
Daniel J. Barrett and Richard E. Silverman, 2001, SSH, the Secure Shell, O’Reilly, ISBN: 0-596-00011-1
Eric Rescorla, 2001, SSL and TLS: Designing and Building Secure Systems, Addison-Wesley, ISBN: 0-201-61598-3

3 The Problem
IPv4 is insecure.
Most TCP/IP services are unencrypted.
This allows anyone to monitor and reconstruct connection traffic on the internet.
The following needs can be identified:
–Encrypted connections between parties known to each other.
–Third-party authentication and encrypted connection establishment when parties are not known to each other.

4 Solutions
SSH to support encrypted sessions
SSL to provide trusted third-party authentication and to support encrypted sessions.

5 SSH
“Secure shell”
Transparent encryption.
Modern, secure encryption algorithms
Reliable, fast, and effective
Client/server interaction
Eliminates .rhosts and hosts.equiv

6 Services Provided
Replaces:
–rsh and telnet with ssh
–rlogin with slogin
–rcp with scp
–ftp with sftp
Protocols
–ssh-1
–ssh-2

7 SSH1 Authentication Mechanisms
1. Kerberos
2. Rhosts (trusted host authentication, insecure)
3. RhostsRSA (trusted host authentication, insecure)
4. Public-key (RSA)
5. TIS
6. Password (various flavors, relatively insecure)

8 SSH2 Authentication Mechanisms
1. Public-key (DSA, RSA, OpenPGP)
2. Hostbased
3. Password

9 Ciphers
SSH1
–3DES, IDEA, ARCFOUR (alleged RC4), DES
SSH2
–3DES, Blowfish, Twofish, CAST-128, IDEA, ARCFOUR
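
An added example (not part of the original slides): a small Python audit that flags, in sshd_config text, the mechanisms slide 7 marks as insecure and the .rhosts trust that slide 5 says SSH eliminates. The directive names are OpenSSH's; the sample config is constructed, and treating SSH-1 and ARCFOUR as findings is an assumption added here rather than something the slides state.

```python
# Added example: flag sshd_config settings tied to slides 5, 7 and 9.
# keyword -> (risky value, finding); keywords are OpenSSH sshd_config directives.
RISKY_SETTINGS = {
    "rhostsauthentication": ("yes", "Rhosts trusted-host auth (slide 7: insecure)"),
    "rhostsrsaauthentication": ("yes", "RhostsRSA trusted-host auth (slide 7: insecure)"),
    "ignorerhosts": ("no", ".rhosts files honoured (slide 5 says SSH eliminates them)"),
    "passwordauthentication": ("yes", "password auth (slide 7: relatively insecure)"),
}
# Assumption added here, not stated on the slides: ARCFOUR (RC4) counts as weak.
WEAK_CIPHERS = {"arcfour", "arcfour128", "arcfour256"}


def audit_sshd_config(text):
    """Return [(line_number, finding)] for risky directives in sshd_config text."""
    findings, seen = [], set()
    for lineno, raw in enumerate(text.splitlines(), start=1):
        parts = raw.split("#", 1)[0].replace("=", " ", 1).split(None, 1)
        if len(parts) != 2:
            continue  # blank line, comment, or keyword without a value
        key, value = parts[0].lower(), parts[1].strip()
        if key in seen:
            continue  # sshd keeps the first value it reads for a keyword
        seen.add(key)
        if key in RISKY_SETTINGS and value.lower() == RISKY_SETTINGS[key][0]:
            findings.append((lineno, RISKY_SETTINGS[key][1]))
        elif key == "protocol" and "1" in [v.strip() for v in value.split(",")]:
            # Assumption added here: SSH-1 itself is treated as a finding.
            findings.append((lineno, "SSH-1 protocol enabled"))
        elif key == "ciphers" and not value.startswith("-"):
            offered = {c.strip().lower() for c in value.lstrip("+^").split(",")}
            weak = sorted(WEAK_CIPHERS & offered)
            if weak:
                findings.append((lineno, "weak ciphers offered: " + ", ".join(weak)))
    return findings


# Constructed sample config, not taken from a real host.
SAMPLE_CONFIG = """\
# sshd_config (constructed)
Protocol 2,1
RhostsRSAAuthentication yes
IgnoreRhosts yes
PasswordAuthentication no
PubkeyAuthentication yes
Ciphers aes256-ctr,3des-cbc,arcfour
PasswordAuthentication yes
"""

if __name__ == "__main__":
    for lineno, finding in audit_sshd_config(SAMPLE_CONFIG):
        print(f"line {lineno}: {finding}")
```

Match blocks are not modelled: the first-value-wins rule is applied to the file as a whole.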

10 Port Forwarding
SSH can forward or tunnel ports, allowing you to run insecure services securely.
ssh -L 3002:localhost:119 news.yoyo.com

11 A Simple Example
ssh -l harry harry.sunderland.ac.uk
This allows me to log into harry@harry.sunderland.ac.uk
Another way of doing the same thing is
ssh harry@harry.sunderland.ac.uk

12 Using scp
scp harry@harry.sunderland.ac.uk:myfile afile
This transfers myfile from my home directory on harry.sunderland.ac.uk to afile locally.
You can also use sftp similarly to ftp.

13 Threats Countered
Eavesdropping
DNS and IP Spoofing
Connection Hijacking
Man-in-the-Middle Attacks
Insertion Attack

14 SSL
Secure Sockets Layer
An authentication and encryption technique that provides security services to TCP by a socket-style API.
Relies on certificates issued by a trusted third party.
Invented by Netscape.
Is slowly being replaced by TLS (Transport Layer Security)

15 Services Provided
Secure http, pop, imap, smtp, ftp, rmi, corba, iiop, telnet, ldap

16 SSL Functions
Confidential transmission
Message integrity
Endpoint authentication

17 How It Works
An understanding of how SSL works is necessary to use it safely.
Uses public key (asymmetric) cryptography.
Trusted third parties (Certificate Authorities) provide the certificates that contain the public keys.
Supports many encryption algorithms.

18 SSL-Enabled UNIX Clients
curl, ethereal, ettercap, lynx, stunnel, gabber, links, mutt, xchat, bitchx, lftp, neon, openldap, openslp, pine, various database managers.

