1. CSCE 815 Network Security Lecture 26 SSH and SSH Implementation April 24, 2003

2. – 2 – CSCE 815 Sp 03 Machines to Attack 129.252.140.3129.252.140.7NOT!!! 129.252.140.1 - gateway

3. – 3 – CSCE 815 Sp 03 SSH (Secure Shell) http://www.openssh.org/ SSH 3.6.1 Released April 1, 2003 OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks OpenSSH provides a myriad of secure tunneling capabilities E.g. tunneling X connections OpenSSH provides variety of authentication methods. Port 22 when used over TCP/IP (most common)

4. – 4 – CSCE 815 Sp 03 SSH Picture

5. – 5 – CSCE 815 Sp 03 SSH Suite ssh replaces telnet and rsh scp (secure copy) which replaces rcp sftp (secure ftp) which replaces ftp sshd (secure shell daemon) which is the server Others: ssh-add, ssh-agent, ssh-keysign, ssh-keyscan, ssh-keygen and sftp-server ssh-addssh-agentssh-keysignssh-keyscan ssh-keygensftp-serverssh-addssh-agentssh-keysignssh-keyscan ssh-keygensftp-server Protocols: SSH 1.3 thru SSH 2.0 are supported

6. – 6 – CSCE 815 Sp 03 OpenSSH SSH client configuration ssh_config (5) ssh_config SSH client configuration files $HOME/.ssh/config $HOME/.ssh/config /etc/ssh/ssh_config /etc/ssh/ssh_config

7. – 7 – CSCE 815 Sp 03 SSH Protocol 2.0 SSH Protocol ArchitectureSSH Protocol Architecture - Architecture describes the overall design of SSH-2 SSH Protocol Architecture SSH Transport Layer ProtocolSSH Transport Layer Protocol - provides a single, full- duplex, flow-controlled, byte-oriented connection from client to server, with privacy, integrity, and man-in-the-middle protection SSH Transport Layer Protocol SSH Authentication ProtocolSSH Authentication Protocol - identifies the client to the server SSH Authentication Protocol SSH Connection ProtocolSSH Connection Protocol - provides richer, application- support services such as TCP port and X forwarding SSH Connection Protocol

8. – 8 – CSCE 815 Sp 03 SSH Architecture Host Keys - Each server host SHOULD have a host key Two different trust models can be used:  client has a local database that associates each host name with the corresponding public host key  host name-to-key association is certified by some trusted certification authority All implementations SHOULD provide an option to not accept host keys that cannot be verified. Extensibility - should evolve over time protocol allows full negotiation of encryption, integrity, key exchange, compression, and public key algorithms and formats

9. – 9 – CSCE 815 Sp 03 SSH Packets Minimum Packets Size is 28 Negligible for large packets, but for character by character ala telnet this is significant 28 + 32(TCP/IP) + ethernet But minimum ethernet packet payload size is 46 So the increase over the minimum is 4/46 = ~10%

10. – 10 – CSCE 815 Sp 03 SSH Message Numbers SSH packets have message numbers in the range 1 to 255. Transport layer protocol: 1 to 19 Transport layer generic (e.g. disconnect, ignore, debug, etc.) 20 to 29 Algorithm negotiation 30 to 49 Key exchange method specific (numbers can be reused for different authentication methods) User authentication protocol: 50 to 59 User authentication generic 60 to 79 User authentication method specific (numbers can be reused for different authentication methods) Connection protocol: 80 to 89 Connection protocol generic 90 to 127 Channel related messages Reserved for client protocols: 128 to 191 Reserved Local extensions: 192 to 255

11. – 11 – CSCE 815 Sp 03 Authentication requests Requests byte - SSH_MSG_USERAUTH_REQUEST string - user name (in ISO-10646 UTF-8 encoding [RFC2279]) string - service name (in US-ASCII) string - method name (US-ASCII) The rest of the packet is method-specificResponse byte SSH_MSG_USERAUTH_FAILURE string “authentications that can continue” boolean partial success “Authentications that can continue" is a comma- separated list of authentication method names that may productively continue the authentication dialog.

12. – 12 – CSCE 815 Sp 03 XWindows Normal Connection

13. – 13 – CSCE 815 Sp 03

14. – 14 – CSCE 815 Sp 03 SSH X Connection  SSH attempts to connect to port 22 on remote host  SSHD on the machine Remote forks off a child SSHD process. If X11 forwarding is enabled, the process listens on port 6000 + x (first open one)  child SSHD now forks off the command received from the original SSH client, usually xterm. SSHD sets the DISPLAY environment xterm to "Remote  xterm sends all X information to the fake server on it's own host  fake SSHD-X server encrypts the X information, then sends it to the SSH client on the Local machine.  SSH client decrypts the information and sends it to the real X server

15. – 15 – CSCE 815 Sp 03 SSH and Proxy Servers in General Two methods “-L” and “-R” options ssh -L local-port:remote-machine:remote-port \ remote-machine remote-machine This forwards a port (local-port) on the local machine across an encrypted channel to a server port (remote-port) on the remote machine ssh -R remote-port:remote-machine:local-port \ remote-machine remote-machine command to have a port on a remote host act as a proxy for a local port

16. – 16 – CSCE 815 Sp 03

17. – 17 – CSCE 815 Sp 03 SSH References Implementation SSH 1 http://www.cise.ufl.edu/help-system/ssh/ SSH 3.2 http://www.ssh.com/ http://www.ssh.com/ Open SSH http://www.openssh.org/ http://www.openssh.org/ Protocols http://www.snailbook.com/protocols.html http://www.snailbook.com/protocols.html