OpenSSH. 24th February ASBL CSRRT-LU (Computer Security Research and Response Team Luxembourg) 1 / 12

Similar documents
Secure Remote Access: SSH & HTTPS

Transport Level Security

The Secure Shell (SSH) Protocol

Digital Signatures. Public-Key Signatures. Arbitrated Signatures. Digital Signatures With Encryption. Terminology. Message Authentication Code (MAC)

Transport Layer Security

Chapter 12 Security Protocols of the Transport Layer

IPSec. Overview. Overview. Levente Buttyán

The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to

CONTENTS. vii. Chapter 1 TCP/IP Overview 1. Chapter 2 Symmetric-Key Cryptography 33. Acknowledgements

Chapter 8 Web Security

Computer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018

Cryptography MIS

Contents. Configuring SSH 1

L13. Reviews. Rocky K. C. Chang, April 10, 2015

The OpenSSH Protocol under the Hood

Secure Shell Version 2 Support

SSH Algorithms for Common Criteria Certification

IPSec Transform Set Configuration Mode Commands

SSH - Secure SHell. Lecture 23 CSIT571. Slides prepared by Joseph Zhaojun Wu Revised by Cunsheng Ding

BCA III Network security and Cryptography Examination-2016 Model Paper 1

Cipher Suite Configuration Mode Commands

Cryptography and Network Security

Secure Shell Version 2 Support

Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE i, IEEE 802.1X P2.

Wireless Terminal Emulation Advanced Terminal Session Management (ATSM) Device Management Stay-Linked

IPSec Transform Set Configuration Mode Commands

CSCE 715: Network Systems Security

CPSC 467: Cryptography and Computer Security

The IPsec protocols. Overview

Cryptography and Network Security Chapter 16. Fourth Edition by William Stallings

PROTECTING CONVERSATIONS

Virtual Private Network

Junos Security. Chapter 8: IPsec VPNs Juniper Networks, Inc. All rights reserved. Worldwide Education Services

Extended Package for Secure Shell (SSH) Version: National Information Assurance Partnership

IPsec (AH, ESP), IKE. Guevara Noubir CSG254: Network Security

Overview of SSL/TLS. Luke Anderson. 12 th May University Of Sydney.

Cryptography and secure channel. May 17, Networks and Security. Thibault Debatty. Outline. Cryptography. Public-key encryption

How to Configure a Site-to-Site IPsec IKEv1 VPN Tunnel

IPSec. Slides by Vitaly Shmatikov UT Austin. slide 1

UH, FB Inf, SVS, 18-Okt covers all traffic on that link, independent of protocols above. application has no visibility of Internet layer.

CSE 127: Computer Security Cryptography. Kirill Levchenko

Cryptographic Mechanisms: Recommendations and Key Lengths

Virtual Private Networks

Using keys with SSH Rob Judd

Table of Contents 1 SSH Configuration 1-1

Feedback Week 4 - Problem Set

Findings for

FIPS SECURITY POLICY FOR

Securing IoT applications with Mbed TLS Hannes Tschofenig Arm Limited

Authenticated Encryption in TLS

CIS 551 / TCOM 401 Computer and Network Security. Spring 2006 Lecture 13

David Wetherall, with some slides from Radia Perlman s security lectures.

How to Create a TINA VPN Tunnel between F- Series Firewalls

Configuration of an IPSec VPN Server on RV130 and RV130W

CSCE 715: Network Systems Security

NCP Secure Enterprise macos Client Release Notes

The question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).

How to Configure a Site-to-Site IPsec IKEv1 VPN Tunnel

Linux Network Administration

TLS1.2 IS DEAD BE READY FOR TLS1.3

8. Network Layer Contents

Cisco VPN 3002 Hardware Client Security Policy

Table of Contents 1 IKE 1-1

Secure channel, VPN and IPsec. stole some slides from Merike Kaeo

Updates: 2409 May 2005 Category: Standards Track. Algorithms for Internet Key Exchange version 1 (IKEv1)

Message authentication codes

This version of the des Secure Enterprise MAC Client can be used on Mac OS X 10.7 Lion platform.

The Xirrus Wi Fi Array XS4, XS8 Security Policy Document Version 1.0. Xirrus, Inc.

ip source-track through ivrf

Lecture for February 10, 2016

CS 393 Network Security. Nasir Memon Polytechnic University Module 12 SSL

Numerics I N D E X. 3DES (Triple Data Encryption Standard), 48

Cryptography and Network Security

Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank

White Paper for Wacom: Cryptography in the STU-541 Tablet

Management Access. Configure Management Remote Access. Configure ASA Access for ASDM, Telnet, or SSH

CS 161 Computer Security

Chapter 6. IP Security. Dr. BHARGAVI H. GOSWAMI Department of Computer Science Christ University

Transport Layer Security

Release Notes. NCP Secure Enterprise Mac Client. 1. New Features and Enhancements. 2. Improvements / Problems Resolved. 3.

IP Security Discussion Raise with IPv6. Security Architecture for IP (IPsec) Which Layer for Security? Agenda. L97 - IPsec.

Internet. SonicWALL IP Cisco IOS IP IP Network Mask

Encrypted Phone Configuration File Setup

Comparison of SSL/TLS libraries based on Algorithms/languages supported, Platform, Protocols and Performance. By Akshay Thorat

IP Security IK2218/EP2120

Security Protocols. Professor Patrick McDaniel CSE545 - Advanced Network Security Spring CSE545 - Advanced Network Security - Professor McDaniel

CMSC 414 S09 Exam 2 Page 1 of 6 Name:

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

(2½ hours) Total Marks: 75

Glenda Whitbeck Global Computing Security Architect Spirit AeroSystems

The Internet community has developed application-specific security mechanisms in a number of application areas, including electronic mail (S/MIME,

Configuring Internet Key Exchange Security Protocol

Jaap van Ginkel Security of Systems and Networks

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

How to Configure a Site-To-Site IPsec VPN to the Amazon AWS VPN Gateway

Information Security: Principles and Practice Second Edition. Mark Stamp

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

VPN, IPsec and TLS. stole slides from Merike Kaeo apricot2017 1

Network Security Chapter 8

NCP Secure Entry macos Client Release Notes

Transcription:

OpenSSH ASBL CSRRT-LU (Computer Security Research and Response Team Luxembourg) http://www.csrrt.org/ 24th February 2006 1 / 12

SSH - History 1995 Tatu Ylonen releases ssh-1.0.0 (Forms SSH Communications Security) 1997 IETF secsh working group formed - Work on SSH protocol v2 begun 1999 OpenSSH project started, based on open-source ssh-1.x code 2000 SSH protocol v2 support added to OpenSSH 2002 SSH support added to Solaris 9 (OpenSSH derived) SSH protocol v2 nears release as IETF RFC 2006 RFC released for SSH protocol v2 as secsh 2 / 12

SSH Operation and Protocol Runs on TCP port 22, initiated by client Client and server exchange banners at connect time: SSH-1.5-SoftwareName SSH protocol v.1 SSH-2.0-SoftwareName SSH protocol v.2 SSH-1.99-SoftwareName both protocols SoftwareName is the implementation name and version Usually used for backwards (bug) compatibility Server always has a public/private key pair Public key is sent during connection setup Server s public key is cached by client to detect MITM 3 / 12

SSH Protocol v1 SSH protocol v.1 is the original version released in the free ssh-1.x code by Tatu Ylonen Revised between 1995 and 1997 Final version of the protocol is officially 1.5 Never standardised Some desire to have it published as an informational RFC Monolithic protocol 4 / 12

SSH Protocol v2 Unlike the monolithic v1 protocol SSH v2 is several protocols Transport protocol Underlying protocol Handles encryption, compression, integrity Provides services based on text strings User Authentication protocol Responsible for authentication of user to server Supports various authentication methods Password, Public key, Challenge-response, Host based Connection protocol Interactive logins, Command execution, Port forwarding, X11 forwarding 5 / 12

SSH Protocol v2 - packet format 4 bytes Packet length 1 byte Padding length... Payload paddinglen Random padding... MAC[seqno, packet (sans MAC)] 6 / 12

SSH Protocol v2 - packet format Multiple MAC algorithms supported hmac-md5, hmac-sha1, truncated MACs, none Payload may optionally be compressed prior to MAC Packets are optionally encrypted with a symmetric cipher 3-des-cbc (MUST) blowfish-cbc (RECOMMENDED) twofish-cbc, aes-cbc, serpent-cbc (OPTIONAL) arcfour, idea-cbc, cast128-cbc (OPTIONAL) 7 / 12

SSH Protocol v2 - protocol start Server and client exchange banners Client and server both send MSGKEXINIT packet Random nonce Supported/Allowed algorithms to use for key exchange Supported/Allowed server host key formats Supported/Allowed symmetric algorithms (both ways) Supported/Allowed MAC algorithms Supported/Allowed compression algorithms Supported/Allowed languages Flag indicating KEX guess The Supported/Allowed lists are comma-separated strings E.g. aes128-cbc, 3des-cbc, arcfour 8 / 12

SSH Protocol v2 - protocol exchange Upon receipt of KEXINIT packet, both client and server Calculate intersection of supported/allowed ciphers, etc Run selected key exchange algorithm Usually Diffie Hellman D-H key exchange Secure way for two parties to derive a shared key Safe against eavesdroppers Perfect Forward Secrecy Exchange is authenticated with hash of Client / server version strings Payloads of client / server KEXINIT packets Server host key Intermediate D-H exchange values Derived shared secret 9 / 12

SSH Protocol v2 - protocol exchange Output from key exchange is two keys: Server to client Client to server The client/server may have different options. e.g. client may send data encrypted with 3des-cbc, no compression server may send data encrypted with arcfour, zlib compression MSGKEXINIT may be sent at any time during session Re-keying may change compression, ciphers as well as keys Once keyed, protocol moves on to authentication 10 / 12

SSH Protocol / OpenSSH TP Analyze a SSH communication stream with a simple password authentication (using Ethereal + debug mode of OpenSSH) Using the OpenVPN setup of the previous TP, authenticate a user (with an OpenSSH RSA public key) using OpenSSH to your server inside a VPN connection Be aware that the keys scheme and authentication used in OpenVPN is different in OpenSSH... 11 / 12

Q and A Thanks for listening. http://www.csrrt.org.lu/ adulau@foo.be 12 / 12

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback