LWM-Linux/04 - Networking in Linux/Secure Shell (SSH).md

# Secure Shell (SSH):

## 1. Introduction to SSH

Secure Shell (SSH) is a cryptographic network protocol used for secure communication over an unsecured network. It provides a secure channel for data exchange between two networked devices, typically used for remote command-line login and remote command execution.

## 2. Key Features of SSH

- Encryption: All communication is encrypted, protecting against eavesdropping.
- Authentication: Ensures the identity of the communicating parties.
- Integrity: Guarantees that the transmitted data hasn't been altered.
- Port Forwarding: Allows secure tunneling of other protocols.

## 3. How SSH Works

SSH operates on a client-server model. The process typically involves:

- Key Exchange: The client and server agree on a shared secret key.
- Encryption Negotiation: They decide on the encryption algorithm to use.
- Authentication: The server authenticates the client.
- Session: Encrypted data transfer begins.

## 4. SSH Authentication Methods

- Password Authentication: Simple but less secure.
- Public Key Authentication: More secure, involves a public-private key pair.
- Host-Based Authentication: Based on the host rather than the user.
- Keyboard-Interactive: Allows for various prompts (e.g., two-factor authentication).

## 5. SSH Key Management

- Generating Keys: Use `ssh-keygen` to create key pairs.
- Key Types: RSA, DSA, ECDSA, Ed25519 (Ed25519 is recommended for new deployments).
- Key Size: Larger keys are more secure but slower (e.g., 4096-bit RSA).
- Passphrase: An extra layer of security for private keys.

## 6. Common SSH Commands

- `ssh user@hostname`: Basic connection command.
- `scp`: Secure copy files between hosts.
- `sftp`: Secure file transfer protocol.
- `ssh-keygen`: Generate SSH key pairs.
- `ssh-copy-id`: Copy public key to a remote host.

## 7. SSH Configuration

- Client Configuration: `~/.ssh/config`
- Server Configuration: `/etc/ssh/sshd_config`
- Important settings:
  - Port (default 22)
  - PermitRootLogin
  - PasswordAuthentication
  - PubkeyAuthentication

## 8. SSH Security Best Practices

- Use key-based authentication instead of passwords.
- Disable root login.
- Use non-standard ports.
- Implement fail2ban or similar intrusion prevention systems.
- Keep software up-to-date.
- Use SSH protocol version 2.
- Limit user access with AllowUsers or AllowGroups.

## 9. Advanced SSH Features

- Port Forwarding: Local, Remote, and Dynamic.
- X11 Forwarding: Run graphical applications remotely.
- SSH Agent: Manage multiple SSH keys.
- ProxyJump: Easily connect through a jump host.

## 10. Troubleshooting SSH

- Connection Issues: Check network, firewall, and SSH service status.
- Authentication Problems: Verify credentials, key permissions, and server configuration.
- Performance Issues: Consider compression or alternative ciphers.

## 11. SSH Alternatives and Related Protocols

- Telnet: Older, unencrypted protocol (not recommended).
- RDP: Remote Desktop Protocol (mainly for Windows).
- VNC: Virtual Network Computing (graphical desktop sharing).

## 12. SSH in Enterprise Environments

- Centralized key management solutions.
- Integration with LDAP or Active Directory.
- Auditing and logging considerations.
- Bastion hosts for added security.
Initial Commit - Taking my own code to my repository - No longer a fork of LinuxLightHouse 2024-09-02 16:42:08 -06:00			`# Secure Shell (SSH):`

			`## 1. Introduction to SSH`

			`Secure Shell (SSH) is a cryptographic network protocol used for secure communication over an unsecured network. It provides a secure channel for data exchange between two networked devices, typically used for remote command-line login and remote command execution.`

			`## 2. Key Features of SSH`

			`- Encryption: All communication is encrypted, protecting against eavesdropping.`
			`- Authentication: Ensures the identity of the communicating parties.`
			`- Integrity: Guarantees that the transmitted data hasn't been altered.`
			`- Port Forwarding: Allows secure tunneling of other protocols.`

			`## 3. How SSH Works`

			`SSH operates on a client-server model. The process typically involves:`

			`- Key Exchange: The client and server agree on a shared secret key.`
			`- Encryption Negotiation: They decide on the encryption algorithm to use.`
			`- Authentication: The server authenticates the client.`
			`- Session: Encrypted data transfer begins.`

			`## 4. SSH Authentication Methods`

			`- Password Authentication: Simple but less secure.`
			`- Public Key Authentication: More secure, involves a public-private key pair.`
			`- Host-Based Authentication: Based on the host rather than the user.`
			`- Keyboard-Interactive: Allows for various prompts (e.g., two-factor authentication).`

			`## 5. SSH Key Management`

			- Generating Keys: Use `ssh-keygen` to create key pairs.
			`- Key Types: RSA, DSA, ECDSA, Ed25519 (Ed25519 is recommended for new deployments).`
			`- Key Size: Larger keys are more secure but slower (e.g., 4096-bit RSA).`
			`- Passphrase: An extra layer of security for private keys.`

			`## 6. Common SSH Commands`

			- `ssh user@hostname`: Basic connection command.
			- `scp`: Secure copy files between hosts.
			- `sftp`: Secure file transfer protocol.
			- `ssh-keygen`: Generate SSH key pairs.
			- `ssh-copy-id`: Copy public key to a remote host.

			`## 7. SSH Configuration`

			- Client Configuration: `~/.ssh/config`
			- Server Configuration: `/etc/ssh/sshd_config`
			`- Important settings:`
			`- Port (default 22)`
			`- PermitRootLogin`
			`- PasswordAuthentication`
			`- PubkeyAuthentication`

			`## 8. SSH Security Best Practices`

			`- Use key-based authentication instead of passwords.`
			`- Disable root login.`
			`- Use non-standard ports.`
			`- Implement fail2ban or similar intrusion prevention systems.`
			`- Keep software up-to-date.`
			`- Use SSH protocol version 2.`
			`- Limit user access with AllowUsers or AllowGroups.`

			`## 9. Advanced SSH Features`

			`- Port Forwarding: Local, Remote, and Dynamic.`
			`- X11 Forwarding: Run graphical applications remotely.`
			`- SSH Agent: Manage multiple SSH keys.`
			`- ProxyJump: Easily connect through a jump host.`

			`## 10. Troubleshooting SSH`

			`- Connection Issues: Check network, firewall, and SSH service status.`
			`- Authentication Problems: Verify credentials, key permissions, and server configuration.`
			`- Performance Issues: Consider compression or alternative ciphers.`

			`## 11. SSH Alternatives and Related Protocols`

			`- Telnet: Older, unencrypted protocol (not recommended).`
			`- RDP: Remote Desktop Protocol (mainly for Windows).`
			`- VNC: Virtual Network Computing (graphical desktop sharing).`

			`## 12. SSH in Enterprise Environments`

			`- Centralized key management solutions.`
			`- Integration with LDAP or Active Directory.`
			`- Auditing and logging considerations.`
			`- Bastion hosts for added security.`