ssh ssl n.
Skip this Video
Loading SlideShow in 5 Seconds..
SSH / SSL PowerPoint Presentation
Download Presentation
SSH / SSL

Loading in 2 Seconds...

  share
play fullscreen
1 / 29
Download Presentation

SSH / SSL - PowerPoint PPT Presentation

manchu
207 Views
Download Presentation

SSH / SSL

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. SSH / SSL Supplementary material

  2. Secure Shell (SSH) • One of the primary goals of the ARPANET was remote access • Several different connections allowed • rlogin • rcp • rsh • All data was unencrypted • This was a different world than exists today.

  3. SSH • SSH is a UNIX-based command interface and protocol for securely accessing a remote computer • Suite of four utilities—slogin, ssh, sftp, and scp • Can protect against: • IP spoofing • DNS spoofing • Intercepting information

  4. SSH Objectives • Protect data sent over the network • Negotiate an encryption algorithm between sender and receiver • Use that algorithm and a session key to encrypt / decrypt data sent • Provide site authentication • Use public key / fingerprint to ensure identity of remote host. • Relies on locally generated keys, so no certifying authority is generally available.

  5. SSH Graphical Client

  6. SSH Command Line Client (Linux) cs490ns-cotter 6

  7. SSH CommunicationsUsing password SSH Server SSH Client SSH2? SSH2 Diffie-Helman, etc? Diffie-Helman Send Serv_Pub_Key Serv_Pub_key(S_key) OK S_key(Uname,pwd) OK S_key(data)

  8. SSH Wire Shark Trace

  9. SSH CommunicationsUsing Public Key • Problems with Password Authentication • Passwords can be guessed. • Default allows multiple attempts against account • Only 1 account / password needs to be guessed • Alternate approach is to use public / private keys to authenticate user • Public Key Authentication • Create public / private keypair • Ensure that private • Upload public key to server user account: ~.ssh/authorized_keys • ssh –o PreferredAuthentications=publickey server.example.org

  10. SSH CommunicationsUsing Public Key SSH Server SSH Client SSH2? SSH2 Diffie-Helman, etc? Diffie-Helman Send Serv_Pub_Key Serv_Pub_key(S_key) OK S_key(Uname) Client_Pub_key(Random) Client_Pri_key(msg) Hash(Random) OK S_key(data) cs490ns-cotter

  11. sFTP in Linux cs490ns-cotter 11

  12. SFTP

  13. SFTP

  14. SSH Tunneling • Use SSH to create an encrypted channel between remote host and server • Use that encrypted channel to carry other traffic. LAN www access Internet Web Server 192.168.1.10 Local port 12345 SSH Tunnel

  15. SSH Tunneling ssh –L 12345:192.168.1.10:80 –l root homenet.net

  16. SSH Tunneling

  17. Secure Copy (scp) • Allows encrypted transfer of files between machines • Download files from server: • scp user@server.net:myfile1.txt myfile1.txt • user@server.net’s password: xxxxx • Upload files to server • Scp myfile.txt user@server.net:myfile.txt • user@server.net’s password: xxxxx

  18. SSH Passwordless Login • On remote client: • Create key pair. Store in .ssh subdirectory • On ssh server: • Modify sshd_config to allow shosts based authentication • Create .shosts file in user’s subdirectory • Copy public key from remote client to .ssh subdirectory/authorized_keys

  19. SSH Passwordless Login SSH Server SSH Client SSH2? SSH2 Diffie-Helman, etc? Diffie-Helman Send Serv_Pub_Key Serv_Pub_key(S_key) OK S_key(Uname) Client_Pub_key(Random) Client_Pri_key(msg) Hash(Random) OK S_key(data)

  20. SecureSockets Layer (SSL)Transport Layer Security (TLS) • Originally developed by Netscape to support encrypted access to web servers. • SSL v3 released 1996. • Served as the basis for IETF standard TLS (1999) • Used by major financial institutions for secure commerce over the Internet • Early problem with weak keys resolved with longer (128-bit) keys

  21. SSL / TLS Application (www) SSL / TLS TCP IP

  22. SSL/TLS Handshake SSL Server SSL Client Client hello Ciphers I have Server Hello Cipher I choose Server certificate (S_Pub) S_Pub(Session_key) OK Session_key(data) OK

  23. SSL/TLS Security • Depends on integrity of public key certificate • Public Key Infrastructure (PKI) • Components necessary to securely distribute public keys • Certificate Authorities: Organizations that certify the relationship between a public key and its owner. • Verisign,Thawte

  24. SSL/TLS Implementations • SSL v2 – Still in use • SSL v3 – Most widely deployed • TLS v1 – Starting Deployment • OpenSSL – Linux/UNIX toolkit that supports all 3 protocols listed above. • Private Communication Technology (PCT) • Developed by Microsoft • Compatible with SSL v2 • Versions are not completely compatible

  25. SSL/TLS Vulnerability • SSL/TLS supports the concept of session renegotiation due to errors, requests, etc. • This feature assumes that the renegotiation is with the original party, and any requests or messages transmitted before the renegotiation are combined (pre-pended) with the requests after renegotiation • This behavior can be abused to allow man-in-the-middle attacks • Demonstrated with https, but the vulnerability exists with any application that uses SSL/TLS

  26. SSL/TLS Vulnerability Client MITM Server TLS handshake session #1 TLS handshake session #2 GET /ebanking/paymemoney.cgi? Acc=LU00000000?amount=1000 Ignore-what-comes-now; Trigger renegotiation X TLS handshake session #1 continued within the encrypted session #2 Server receives: GET /ebanking/paymemoney.cgi? Acc=LU00000000?amount=1000 Ignore-what-comes-now; GET /ebanking/ Cookie: AS2398648756083745 Client has authenticated session At app layer (with cookie) GET /ebanking/ Cookie: AS2398648756083745

  27. References SSH SSH Tutorial (http://www.suso.org/docs/shell/ssh.sdf) www.openssh.org UNIX Secure Shell – Carasik – McGraw-Hill, 1999 SSH Agent Forwarding (unixwiz.net/techtips/ssh-agent-forwarding.html) SSL www.openSSL.org RFCs – 2246, 3546 SSL Authentication Gap (SSL Gap) (http://www.phonefactor.com/sslgap ) TLS/SSL renegotiation vulnerability explained (http://www.g-sec.lu/practicaltls.pdf ) cs490ns-cotter 27

  28. SSH RFCs • 4250 The Secure Shell (SSH) Protocol Assigned Numbers. • S. Lehtinen, C. Lonvick, Ed.. January 2006. (Format: TXT=44010 bytes) • (Status: PROPOSED STANDARD) • 4251 The Secure Shell (SSH) Protocol Architecture. • T. Ylonen, C. Lonvick, Ed.. January 2006. (Format: TXT=71750 bytes) • (Status: PROPOSED STANDARD) • 4252 The Secure Shell (SSH) Authentication Protocol. • T. Ylonen, C. Lonvick, Ed.. January 2006. (Format: TXT=34268 bytes) • (Status: PROPOSED STANDARD) • 4253 The Secure Shell (SSH) Transport Layer Protocol. • T. Ylonen, C. Lonvick, Ed.. January 2006. (Format: TXT=68263 bytes) • (Status: PROPOSED STANDARD) • 4254 The Secure Shell (SSH) Connection Protocol. • T. Ylonen, C. Lonvick, Ed.. January 2006. (Format: TXT=50338 bytes) • (Status: PROPOSED STANDARD) • 4255 Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints. • J. Schlyter, W. Griffin. January 2006. (Format: TXT=18399 bytes) • (Status: PROPOSED STANDARD) • 4256 Generic Message Exchange Authentication for the Secure Shell Protocol (SSH). • F. Cusack, M. Forssen. January 2006. (Format: TXT=24728 bytes) • (Status: PROPOSED STANDARD) • 4344 The Secure Shell (SSH) Transport Layer Encryption Modes. • M. Bellare, T. Kohno, C. Namprempre. January 2006. (Format: TXT=27521 bytes) • (Status: PROPOSED STANDARD) • 4419 Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol. • M. Friedl, N. Provos, W. Simpson. March 2006. (Format: TXT=18356 bytes) • (Status: PROPOSED STANDARD) • 4716 The Secure Shell (SSH) Public Key File Format • . J. Galbraith, R. Thayer. November 2006. (Format: TXT=18395 bytes) • (Status: INFORMATIONAL) • 4819 Secure Shell Public Key Subsystem. • J. Galbraith, J. Van Dyke, J. Bright. March 2007. (Format: TXT=32794 bytes) • (Status: PROPOSED STANDARD)

  29. Summary • SSH • Supports secure remote access to hosts • SSH – secure shell • SCP – secure copy • SFTP – secure file transfer • SSL • Provides a framework for incorporating secure communications into applications • Uses strong cryptography • Can rely on PKI for reliable sharing of public keys