Ssh

From Hackepedia
Jump to navigationJump to search

Socket.jpg

SSH stands for "Secure Shell" and was first written by a Finnish computer scientist named Tatu Ylonen. Mr. Ylonen went on to found SSH Communications which continues developing the ssh program. The program uses both symmetric and assymetric cryptography in order to keep the OSI session layer secure from session hijacking and sniffing.

Public Key Differences

There are three versions used in SSH. One for v1 protocol, and two for v2.

  • RSA1 is referred to as the original RSA key used for v1 protocols. These keys were used to encrypt the communications.
  • RSA is referred to as the v2 protocol. This is used for signing the channel only since the underlying protocol is now handled by a different means.
  • DSA was added to v2 protocol after RSA Security assured patent rights, and the IETF included DSA to allow for patent free implementation. Note: Due to how DSA works it requires a lot more good enthropy to be secure compared to RSA.

Which is the right one for you? Since the RSA patent has expired it is recommended by most of the OpenSSH team to stay with RSA keys since they have been around longer and are more known in terms of their strengths and weakness.

The OpenSSH Fork

OpenSSH was forked from a free version of SSH 1.2.12 and shipped with the OpenBSD 2.6 system. It has gained popularity among many vendors and is shipped with their products as well. Tatu Ylonen's company took OpenSSH to court but lost.

Cool SSH Tricks

Modern SSH clients and servers allow you to do some pretty nifty tricks. The most common is X11 Port Forwarding. You can also forward arbitrary ports, and compress files when transfering them over the network (all in addition to encrypting the data). One really nifty trick is to forward FlexLM connections. Another popular trick is passphraseless key exchange.

Travel

To use this, you'll need a shell account. This can be on a server you're running at home, or a machine that you trust. SOCKS mode is accomplished by adding the -D flag to start a SOCKS proxy.

$ ssh $home_machine -D127.0.0.1:8080

Now in firefox I enter a SOCKS proxy of 127.0.0.1 with port 8080 and it will appear to any website I visit that I am at home, not at my remote location! You can do this in any applications you wish (Firefox,Thunderbird or Pidgin for example, or you can use this as a VPN for all applications.