SCAR-iT/LWM-Linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
LWM-Linux/04 - Networking in Linux/Secure Shell (SSH).md

3.2 KiB
Raw Blame History

Secure Shell (SSH):

1. Introduction to SSH

Secure Shell (SSH) is a cryptographic network protocol used for secure communication over an unsecured network. It provides a secure channel for data exchange between two networked devices, typically used for remote command-line login and remote command execution.

2. Key Features of SSH

  • Encryption: All communication is encrypted, protecting against eavesdropping.
  • Authentication: Ensures the identity of the communicating parties.
  • Integrity: Guarantees that the transmitted data hasn't been altered.
  • Port Forwarding: Allows secure tunneling of other protocols.

3. How SSH Works

SSH operates on a client-server model. The process typically involves:

  • Key Exchange: The client and server agree on a shared secret key.
  • Encryption Negotiation: They decide on the encryption algorithm to use.
  • Authentication: The server authenticates the client.
  • Session: Encrypted data transfer begins.

4. SSH Authentication Methods

  • Password Authentication: Simple but less secure.
  • Public Key Authentication: More secure, involves a public-private key pair.
  • Host-Based Authentication: Based on the host rather than the user.
  • Keyboard-Interactive: Allows for various prompts (e.g., two-factor authentication).

5. SSH Key Management

  • Generating Keys: Use ssh-keygen to create key pairs.
  • Key Types: RSA, DSA, ECDSA, Ed25519 (Ed25519 is recommended for new deployments).
  • Key Size: Larger keys are more secure but slower (e.g., 4096-bit RSA).
  • Passphrase: An extra layer of security for private keys.

6. Common SSH Commands

  • ssh user@hostname: Basic connection command.
  • scp: Secure copy files between hosts.
  • sftp: Secure file transfer protocol.
  • ssh-keygen: Generate SSH key pairs.
  • ssh-copy-id: Copy public key to a remote host.

7. SSH Configuration

  • Client Configuration: ~/.ssh/config
  • Server Configuration: /etc/ssh/sshd_config
  • Important settings:
    • Port (default 22)
    • PermitRootLogin
    • PasswordAuthentication
    • PubkeyAuthentication

8. SSH Security Best Practices

  • Use key-based authentication instead of passwords.
  • Disable root login.
  • Use non-standard ports.
  • Implement fail2ban or similar intrusion prevention systems.
  • Keep software up-to-date.
  • Use SSH protocol version 2.
  • Limit user access with AllowUsers or AllowGroups.

9. Advanced SSH Features

  • Port Forwarding: Local, Remote, and Dynamic.
  • X11 Forwarding: Run graphical applications remotely.
  • SSH Agent: Manage multiple SSH keys.
  • ProxyJump: Easily connect through a jump host.

10. Troubleshooting SSH

  • Connection Issues: Check network, firewall, and SSH service status.
  • Authentication Problems: Verify credentials, key permissions, and server configuration.
  • Performance Issues: Consider compression or alternative ciphers.

11. SSH Alternatives and Related Protocols

  • Telnet: Older, unencrypted protocol (not recommended).
  • RDP: Remote Desktop Protocol (mainly for Windows).
  • VNC: Virtual Network Computing (graphical desktop sharing).

12. SSH in Enterprise Environments

  • Centralized key management solutions.
  • Integration with LDAP or Active Directory.
  • Auditing and logging considerations.
  • Bastion hosts for added security.