LWM-Linux/04 - Networking in Linux/Secure Shell (SSH).md
2024-09-05 17:01:20 -06:00

Secure Shell (SSH):

1. Introduction to SSH

Secure Shell (SSH) is a cryptographic network protocol used for secure communication over an unsecured network. It provides a secure channel for data exchange between two networked devices, typically used for remote command-line login and remote command execution.

2. Key Features of SSH

  • Encryption: All communication is encrypted, protecting against eavesdropping.
  • Authentication: Ensures the identity of the communicating parties.
  • Integrity: Guarantees that the transmitted data hasn't been altered.
  • Port Forwarding: Allows secure tunneling of other protocols.

3. How SSH Works

SSH operates on a client-server model. The process typically involves:

  • Key Exchange: The client and server agree on a shared secret key.
  • Encryption Negotiation: They decide on the encryption algorithm to use.
  • Authentication: The client checks the server's host key, and the server authenticates the client.
  • Session: Encrypted data transfer begins.

4. SSH Authentication Methods

  • Password Authentication: Simple but less secure.
  • Public Key Authentication: More secure, involves a public-private key pair.
  • Host-Based Authentication: Based on the host rather than the user.
  • Keyboard-Interactive: Allows for various prompts (e.g., two-factor authentication).

5. SSH Key Management

  • Generating Keys: Use ssh-keygen -t ed25519 -a 32 to create key pairs (stored in ~/.ssh/ by default).
  • Key Types: RSA, DSA, ECDSA, Ed25519 (Ed25519 is recommended for new deployments).
  • Key Size: Larger keys are more secure but slower (e.g., 4096-bit RSA).
  • Passphrase: An extra layer of security for private keys.

6. Common SSH Commands

  • ssh user@hostname: Basic connection command.
  • scp user@hostname:/full/source/path ~/destination: Secure copy files between hosts.
  • sftp user@hostname: Secure file transfer protocol.
  • ssh-keygen: Generate SSH key pairs.
  • ssh-copy-id user@hostname: Copy your public key to a remote host.

7. SSH Configuration

  • Client Configuration: ~/.ssh/config
  • Server Configuration: /etc/ssh/sshd_config
  • Important settings:
    • Port (default 22)
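    • PermitRootLogin: Set to no to disable root from using SSH. The line usually ships commented out, which leaves the built-in default in effect rather than disabling root login.
    • PasswordAuthentication: Set to no if you want to allow only key-based logins.
    • PubkeyAuthentication: Set to yes if you want to use SSH keys for authentication.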

8. SSH Security Best Practices

  • Use key-based authentication instead of passwords.
  • Disable root login.
  • Use non-standard ports.
  • Implement fail2ban or similar intrusion prevention systems (sudo apt install fail2ban).
  • Keep software up-to-date.
  • Use SSH protocol version 2.
  • Limit user access with AllowUsers or AllowGroups.
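
The settings from sections 7 and 8 only help if sshd actually uses them. A commented-out line leaves the built-in default in effect, and the first occurrence of a keyword wins. The script below is an added example, not part of the original page. It resolves the effective value of each directive from a constructed sample config; the function names and the sample text are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the original page): which value does sshd use?

# Built-in defaults for the directives listed in section 7. Assumption: a
# current upstream OpenSSH; distribution packages may change them.
default_for() {
    case "$1" in
        port)                   echo 22 ;;
        permitrootlogin)        echo prohibit-password ;;
        passwordauthentication) echo yes ;;
        pubkeyauthentication)   echo yes ;;
        *)                      echo unknown ;;
    esac
}

# effective_value DIRECTIVE CONFIG_TEXT
# Keywords are case-insensitive, comment lines are ignored, and the first
# occurrence wins. Parsing stops at the first Match block because later
# lines apply only conditionally. Include files are not followed.
effective_value() {
    key=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    val=$(printf '%s\n' "$2" | awk -v key="$key" '
        { sub(/^[ \t]+/, "") }                 # drop indentation
        /^#/ || /^$/ { next }                  # comments and blank lines
        tolower($1) == "match" { exit }
        tolower($1) == key     { print tolower($2); exit }')
    if [ -n "$val" ]; then echo "$val"; else default_for "$key"; fi
}

# count_findings CONFIG_TEXT: report each setting on stderr and print how
# many differ from the hardened values recommended in section 8.
count_findings() {
    n=0
    for want in permitrootlogin=no passwordauthentication=no pubkeyauthentication=yes; do
        got=$(effective_value "${want%%=*}" "$1")
        [ "$got" = "${want#*=}" ] || n=$((n + 1))
        echo "${want%%=*}: effective=$got want=${want#*=}" >&2
    done
    echo "$n"
}

# Constructed sample resembling a stock file with one local change.
SAMPLE='#Port 22
#PermitRootLogin prohibit-password
PasswordAuthentication yes
passwordauthentication no
Match User backup
    PermitRootLogin no'

count_findings "$SAMPLE"
```

On a live server, sshd -T (run as root) prints the effective configuration, including Include files and defaults, and is the authoritative check.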

9. Advanced SSH Features

  • Port Forwarding: Local, Remote, and Dynamic.
  • X11 Forwarding: Run graphical applications remotely. (Virtual Network Connections among others)
  • SSH Agent: Manage multiple SSH keys.
  • ProxyJump: Easily connect through a jump host.

10. Troubleshooting SSH

  • Connection Issues: Check network, firewall, and SSH service status.
  • Authentication Problems: Verify credentials, key permissions (chmod 600 ~/.ssh/id_rsa*), and server configuration.
  • Performance Issues: Consider compression or alternative ciphers.

11. Alternatives to SSH

  • Telnet: Older, unencrypted protocol (not recommended - INSECURE).
  • RDP: Remote Desktop Protocol - allows a full desktop (mainly for Windows).
  • VNC: Virtual Network Computing - allows a full desktop (graphical desktop sharing).

12. SSH in Enterprise Environments

  • Centralized key management solutions.
  • Integration with LDAP or Active Directory.
  • Auditing and logging considerations.
  • Bastion hosts for added security.