Ssh tricks
Download
1 / 16

SSH Tricks - PowerPoint PPT Presentation


  • 68 Views
  • Uploaded on

SSH Tricks. Matthew G. Marsh. Overview. SSH What is it How does it work Discussion of Network Topology Tricks for multiple hosts Keys and config files MultiHop tricks Q&A. SSH . What is it

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'SSH Tricks' - neveah


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Ssh tricks

SSH Tricks

Matthew G. Marsh


Overview
Overview

  • SSH

    • What is it

    • How does it work

  • Discussion of Network Topology

    • Tricks for multiple hosts

    • Keys and config files

    • MultiHop tricks

  • Q&A


SSH

  • What is it

    • Secure Shell was developed to solve the two most acute problems in the Internet, secure remote terminal logins and secure file transfers.

    • Essentially an encrypted Remote Utilities replacement

  • How does it work

    • Set up and generation of an encrypted TCP connection

    • Authentication can be Password or PubPriv key

      • Yes there are others but that is where the cracks are…

    • Arbitrary TCP ports - WKP = 22

  • In this session we will concentrate on SSH1 using key based authentication


Simple examples
Simple Examples

  • Two hosts

    • 1 has a sshd running on WKP

    • 2 has a client

      [email protected]: ssh 1

      [email protected] password:

      #

  • This allows root to login remotely using a password - BAD!

  • Better is to define: ‘PermitRootLogin no’ in the sshd_config file


Simple examples1
Simple Examples

  • Two hosts - preshared key

    • 1 has a sshd running on WKP

    • 2 has a client

      [email protected]: ssh 1

      [email protected]$

  • The way to set this up is as follows:

    [email protected]$ ssh-keygen -t rsa1 -f /home/tech/.ssh/key4mac1 -N “”

    [email protected]$ scp .ssh/key4mac1.pub [email protected]:~/.ssh/authorized_keys

    [email protected] password:

    [email protected]$ cat > .ssh/config

    Host 1

    User tech

    Protocol 1

    IdentityFile /home/tech/.ssh/key4mac1

    Hostname 10.1.2.1

    ^D


A wee bit less simple examples
A wee bit less Simple Examples

  • Two hosts - preshared key

    • 1 has a sshd running on port 17

    • 2 has a client

      [email protected]: ssh 1

      [email protected]$

  • The way to set this up is as follows:

    [email protected]$ ssh-keygen -t rsa1 -f /home/tech/.ssh/key4mac1 -N “”

    [email protected]$ scp -P17 .ssh/key4mac1.pub [email protected]:~/.ssh/authorized_keys

    [email protected] password:

    [email protected]$ cat > .ssh/config

    Host 1

    User tech

    Port 17

    Protocol 1

    IdentityFile /home/tech/.ssh/key4mac1

    Hostname 10.1.2.1

    ^D


A wee bit less simple examples1
A wee bit less Simple Examples

  • Three hosts - Assume: preshared keys

    • 1 has sshd running on port 17

    • 2 has sshd running on port 27

      [email protected]: ssh 2 ‘ssh 1’

      [email protected]$

  • The way to set this up is as follows:

    [email protected]$ cat > .ssh/config

    Host 2

    User tech

    Port 27

    Protocol 1

    IdentityFile /home/tech/.ssh/key4mac2

    Hostname 10.1.2.2

    ^D

  • Note you may need ssh -t 2 ‘ssh -t 1’ ...


An4scd
AN4SCD

  • Buy a copy of “SSH” by Daniel J. Barrett & Richard E. Silverman pub. O’Reilly (ISBN: 0-596-00011-1)

  • Read it

  • I use openssl 0.9.7c with openssh 2.9.9p2-PS2.4.18

  • I do not use any other version of SSH

  • I use Protocol 1 on purpose

  • I use TCP Wrappers w/ IPv6 extensions

  • I keep tight controls using TCP Wrappers


An4scd 2
AN4SCD - 2

  • Static Compile methods

    Get the latest openssl

    1. Compile it static with the /usr/static directory target

    ./config --openssldir=/usr/static --prefix=/usr/static no-shared

    2. Get openssh-2.9.9p2-PS2.4.18 http://www.paksecured.com

    ./configure --prefix=/usr/static --with-ssl-dir=/usr/static --with-ipaddr-display --with-ipv4-default –with-tcp-wrappers

    compile it and install

    Edit the sshd config file

    Make sure you also change the paths for the keys!!


An4scd sshd config
AN4SCD – sshd_config

Port 17

Protocol 1

ListenAddress 192.168.1.1

HostKey /usr/static//etc/ssh_host_key

KeyRegenerationInterval 3600

ServerKeyBits 768

SyslogFacility AUTH

LogLevel INFO

LoginGraceTime 600

PermitRootLogin no

StrictModes yes

RSAAuthentication yes

PubkeyAuthentication yes

RhostsAuthentication no

IgnoreRhosts yes

RhostsRSAAuthentication no

PasswordAuthentication yes

PermitEmptyPasswords no

ChallengeResponseAuthentication no

X11Forwarding no

X11DisplayOffset 10

PrintMotd yes

KeepAlive yes


Fun examples 1
Fun Examples - 1

  • Using commands attached to keys

    • On the server define a command in the authorized_keys file associated with a key

    • Format is “command=“my/command/string”…key data…

      EX:

      command=“/bin/ls -al /logs”ABCDEF1234567

      Then ssh with the appropriate key will only allow you to execute this command.

      Note that this is per key so…


Fun examples 1a
Fun Examples – 1A

  • Each connection performs a different function:

    command=“/bin/tar –C /var –zc logs/”1024 35 140112719741995760396399231074454130954438374725973451608977118896776745893938550429062663972336755352093456208519164097137651780560357432366574014563979537876901893478363907211327813169574947477644423751539165732401392118051347844589891126078421590846523123481112885029800203382369752603047612281250015390957 [email protected]

    command=“/bin/tar –C / –zc etc/”1024 35 220112719741995760396399231074454130954438374725973451608977118896776745893938550429062663931320851916409713765178056037233675531699057432366574014563979537876901893478363907211327813169574947477644423751539165732401392118051347844589891126078421590846523123481112885029800203382369752603047612281250015390957 [email protected]

    command=“/bin/tar –C /home –zc mgm/mail/”1024 35 230112719741995760396399231074454130954438374725973451608977118896776745893938550429062663972336755316990313209800203382369752603085191640971376517805603574323665740145639795378769018934783639072113278131695749474776444237515391657324013921180513478445898911260784215908465231234811128850247612281250015390957 [email protected]

  • First one is keytar1

  • Second one is keytar2

  • Third one is keytar3


Fun examples 1b
Fun Examples – 1B

  • Assuming we have setup the config file then:

    ssh 1 | tar –zxv

    Will generate a copy including timestamps and permissions of the logs/ directory

    ssh 2 | tar –zxv

    Will generate a backup copy of our remote etc/ directory (assuming we have permission…)


Fun examples 2
Fun Examples - 2

  • MultiBounce Sessions

    • Using the three hosts example from earlier

  • Consider:

    ssh 1 ‘ssh 2 /bin/tar -C /home -zc myhomedir/’ | tar -zxv

    ssh 1 ‘ssh 2 “ssh 3 /bin/tar -C /home -zc myhomedir/”’ | tar -zxv

    Note that there are limits…




ad