January 22, 2012

1.4.3 SSH

Secure Shell (SSH) is a protocol for securely opening a remote login connection and other network services over an insecure network. It is a secure replacement for the ARPA/Berkeley services Telnet, rlogin, rsh and rcp, and it consists of four major components:
  • The Transport Layer Protocol – This layer handles initial key exchange as well as server authentication, and sets up encryption, compression and integrity verification.
  • The User Authentication Protocol – This layer authenticates the client-side user to the server. It runs over the transport layer protocol.
  • The Connection Protocol – This layer defines the concept of channels, channel requests and global requests through which SSH services are provided. It multiplexes the encrypted tunnel into several logical channels. It runs over the user authentication protocol.
  • The SSHFP DNS record – This layer provides the public host key fingerprints in order to aid in verifying the authenticity of the host.
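The SSHFP record carries a fingerprint of the host's public key, and a client compares that fingerprint against the key the server presents during the transport-layer handshake. The following is an added example, not code from the original post or from any SSH implementation: it builds the SSHFP field values from an OpenSSH-format public key line and checks a presented key against a list of records. The key used is a constructed, syntactically valid ssh-ed25519 blob with a made-up 32-byte value, not a real host key; the algorithm and fingerprint-type numbers are the registered SSHFP values (1 = RSA, 2 = DSA, 3 = ECDSA, 4 = Ed25519; fingerprint type 1 = SHA-1, 2 = SHA-256).

```python
import base64
import hashlib
import hmac
import struct

# Registered SSHFP RDATA values: algorithm number per key type, fingerprint type per hash.
SSHFP_ALGORITHM = {
    "ssh-rsa": 1,
    "ssh-dss": 2,
    "ecdsa-sha2-nistp256": 3,
    "ecdsa-sha2-nistp384": 3,
    "ecdsa-sha2-nistp521": 3,
    "ssh-ed25519": 4,
}
SSHFP_FPTYPE_SHA1 = 1
SSHFP_FPTYPE_SHA256 = 2


def decode_host_key(key_line):
    """Parse one OpenSSH public-key line ('<type> <base64> [comment]') into (key_type, blob).

    The blob is the base64-decoded wire-format key. Its first length-prefixed field is the
    key type string, which must agree with the text prefix; a mismatch means a malformed or
    tampered line.
    """
    fields = key_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type = fields[0]
    blob = base64.b64decode(fields[1], validate=True)
    (name_len,) = struct.unpack(">I", blob[:4])
    embedded_type = blob[4:4 + name_len].decode("ascii")
    if embedded_type != key_type:
        raise ValueError("key type prefix %r does not match blob type %r" % (key_type, embedded_type))
    return key_type, blob


def _fingerprint(blob, fptype):
    """Hex fingerprint of the raw key blob using the hash selected by the SSHFP fingerprint type."""
    digest = hashlib.sha256 if fptype == SSHFP_FPTYPE_SHA256 else hashlib.sha1
    return digest(blob).hexdigest()


def sshfp_record(hostname, key_line, fptype=SSHFP_FPTYPE_SHA256):
    """Return ((algorithm, fptype, fingerprint_hex), zone_file_line) for one host key."""
    key_type, blob = decode_host_key(key_line)
    algorithm = SSHFP_ALGORITHM[key_type]
    fingerprint = _fingerprint(blob, fptype)
    rr = "%s IN SSHFP %d %d %s" % (hostname, algorithm, fptype, fingerprint)
    return (algorithm, fptype, fingerprint), rr


def verify_host_key(key_line, sshfp_records):
    """True if the presented key matches any (algorithm, fptype, fingerprint) record from DNS.

    Records for a different algorithm are skipped; fingerprints are compared in constant time.
    """
    key_type, blob = decode_host_key(key_line)
    algorithm = SSHFP_ALGORITHM[key_type]
    for rr_alg, rr_fptype, rr_fp in sshfp_records:
        if rr_alg != algorithm:
            continue
        if hmac.compare_digest(_fingerprint(blob, rr_fptype), rr_fp.lower()):
            return True
    return False


def _constructed_ed25519_key():
    """Build a syntactically valid ssh-ed25519 public-key line from a made-up 32-byte value."""
    raw = bytes(range(32))  # constructed placeholder, not a real key
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + raw
    return "ssh-ed25519 " + base64.b64encode(blob).decode("ascii") + " example@host"


# Constructed sample key line used by the demonstration below.
EXAMPLE_KEY_LINE = _constructed_ed25519_key()

if __name__ == "__main__":
    values, rr = sshfp_record("host.example.", EXAMPLE_KEY_LINE)
    print(rr)
    print("matches published record:", verify_host_key(EXAMPLE_KEY_LINE, [values]))
    print("matches wrong record:", verify_host_key(EXAMPLE_KEY_LINE, [(values[0], values[1], "0" * 64)]))
```

The zone-file line produced here has the same shape as the output of `ssh-keygen -r <hostname>`; the point of the check in `verify_host_key` is that the fingerprint is taken over the raw key blob, so a substituted host key with the same type fails the comparison even though the algorithm number matches.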
A remote access method provides the ability for users to connect to devices remotely. SSH is one of many remote access methods. Others include Virtual Private Network (VPN), IPSec, Terminal Access Controller Access Control System (TACACS/TACACS+) and Remote Authentication Dial-In User Service (RADIUS).

SSH allows connections to be secured by encrypting the session between the client and the server.
SSH is a tunneling protocol: it uses encryption to establish a secure connection between two systems and transmits both authentication and data traffic in encrypted form, so no information is exchanged in clear text. SSH listens on TCP port 22 for connection requests.

SSH is primarily intended for interactive terminal sessions such as logging onto a remote host; however, it can also be used to encrypt and authenticate a variety of other communication sessions, including remote command execution.

SSHv2 includes security improvements over the original SSHv1, e.g. Diffie-Hellman key exchange and message authentication codes for strong integrity checking.

The SSH suite encapsulates three secure utilities: slogin, ssh and scp.
Secure Shell (SSH) is a network protocol that allows data to be exchanged using a secure channel between two computers. Encryption provides confidentiality and integrity of data over an insecure network, such as the Internet. SSH uses public-key cryptography to authenticate the remote computer and allow the remote computer to authenticate the user.

SSH is used to log into a remote machine and execute commands. It can transfer files using the associated SFTP or SCP protocols. It also supports tunneling, forwarding arbitrary TCP ports and X11 connections. The SSH server listens on the standard TCP port 22.
SSH-1 has inherent design flaws that make it vulnerable to a variety of attacks; it is considered obsolete and should be avoided, when possible, by explicitly disabling fallback to SSH-1.
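Disabling SSH-1 fallback on OpenSSH means making sure the `Protocol` directive in `sshd_config` (and `ssh_config` on clients) lists only version 2. The following is an added example, not code from the original post or from the OpenSSH project: a small audit that parses a config body, flags a `Protocol` line that still permits version 1, flags a missing directive (OpenSSH releases before 5.4 defaulted to `Protocol 2,1`), and produces a hardened copy. The two config fragments are constructed for the example and are not taken from any real host.

```python
# Constructed sshd_config fragments (not from any real host): one that still allows
# SSH-1 fallback and one with the directive set to version 2 only.
WEAK_SSHD_CONFIG = """# weak: permits fallback to protocol version 1
Port 22
Protocol 2,1
PermitRootLogin no
"""

HARDENED_SSHD_CONFIG = """# hardened: protocol version 2 only
Port 22
Protocol 2
PermitRootLogin no
"""


def parse_ssh_config(text):
    """Yield (line_number, keyword, args) for each directive.

    Blank lines and lines starting with '#' are skipped; keywords are case-insensitive,
    as in OpenSSH. Trailing comments are not stripped, because OpenSSH does not support them.
    """
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        keyword = parts[0].lower()
        args = parts[1].strip() if len(parts) > 1 else ""
        yield n, keyword, args


def audit_protocol(text):
    """Return a list of (line_number, severity, message) findings about SSH-1 fallback."""
    findings = []
    seen = False
    for n, keyword, args in parse_ssh_config(text):
        if keyword != "protocol":
            continue
        if seen:
            findings.append((n, "info", "duplicate Protocol directive; keep a single 'Protocol 2' line"))
            continue
        seen = True
        versions = [v.strip() for v in args.split(",") if v.strip()]
        if "1" in versions:
            findings.append((n, "high", "Protocol %s permits SSH-1 fallback; set 'Protocol 2'" % args))
    if not seen:
        findings.append((0, "medium",
                         "no Protocol directive; OpenSSH before 5.4 defaulted to 'Protocol 2,1', "
                         "so set 'Protocol 2' explicitly"))
    return findings


def harden_protocol(text):
    """Return the config with Protocol forced to '2' (first line replaced, duplicates dropped,
    inserted at the top if the directive is absent)."""
    out, replaced = [], False
    for raw in text.splitlines():
        stripped = raw.strip()
        if stripped and not stripped.startswith("#") and stripped.split()[0].lower() == "protocol":
            if not replaced:
                out.append("Protocol 2")
                replaced = True
            continue
        out.append(raw)
    if not replaced:
        out.insert(0, "Protocol 2")
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_SSHD_CONFIG), ("hardened", HARDENED_SSHD_CONFIG)):
        print(name, audit_protocol(cfg))
    print(harden_protocol(WEAK_SSHD_CONFIG))
```

Run against a real file with `audit_protocol(open("/etc/ssh/sshd_config").read())`; the same parser works for `ssh_config`, where a client-side `Protocol 2,1` would let a downgrade attempt succeed against a server that still speaks SSH-1.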