Wednesday, May 9, 2012

ssh on linux

Secure Shell, or SSH, is a network connectivity protocol which replaces telnet, rcp, and rsh. SSH is a remote login that allows us to log in to a host in a local network. By logging in to another host, we can act as a user on that computer.

SSH is not a terminal or console for running basic operating-system commands, such as csh (C-Shell), bash (Bourne Again Shell), ksh (Korn Shell), etc. The first SSH product was built by Tatu Ylönen. Because the product and the protocol names are alike, we have to differentiate them.

The protocol is marked with a dash: SSH-1, SSH-2
Products are usually a mixture of lowercase and uppercase: OpenSSH, Tectia, PuTTY, etc.
Programs use lowercase: ssh, scp, putty, etc.


1 Key Generator

For two computers to interact via the SSH protocol, one computer must act as the client and the other as the server. The server must open port 22 so that the client can contact it. The server must create an rsa1 key for the SSH-1 protocol and rsa and dsa keys for the SSH-2 protocol.

To create these keys, make the following short script, named generate:

#!/bin/sh
# Create the host keys (xxxxx is the passphrase), then start the SSH daemon.
ssh-keygen -f /etc/ssh/ssh_host_key -N xxxxx -t rsa1
ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N xxxxx -t rsa
ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N xxxxx -t dsa
/usr/sbin/sshd

Then run the script:

# chmod +x generate
# ./generate


2 Key Transaction

When we make a key for each identity, the system also creates a public key whose name is the same as the key's name with the .pub extension added. In this example I use Slackware as the server and Backtrack as the client.

ssh-keygen creates the file /etc/ssh/ssh_host_rsa_key as an authentication key with the passphrase xxxxx. The passphrase is used to encrypt the private part of this file using 3DES. /etc/ssh/ssh_host_rsa_key must not be readable by users other than the owner. ssh reads the file /etc/ssh/ssh_host_rsa_key during the login process. The file /etc/ssh/ssh_host_rsa_key.pub, however, does not need to be kept confidential.


When the client "Backtrack" contacts the server "slackkernel" with ssh through port 22, the client retrieves the contents of the file /etc/ssh/ssh_host_rsa_key.pub on the server (192.168.1.3/24) and puts it in the local ~/.ssh/known_hosts (192.168.1.1/24).

The server can copy the contents of its local file /etc/ssh/ssh_host_rsa_key.pub to ~/.ssh/authorized_keys on the client with
# ssh-copy-id -i /etc/ssh/ssh_host_rsa_key 192.168.1.1
The Slackware server can also read the contents of the file /etc/ssh/ssh_host_rsa_key.pub on the client host with ssh-keyscan.
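
The known_hosts comparison described in this section, as an added Python example that is not part of the original post: it fingerprints a key line in the format ssh-keyscan prints and compares it with the entries recorded in known_hosts, so a changed host key is flagged before it is trusted. The key lines use constructed toy moduli; make_rsa_line, check_host_key and the other function names are hypothetical, and hashed or wildcard host entries are skipped.

```python
import base64
import hashlib
import struct

def ssh_string(data: bytes) -> bytes:
    """SSH wire encoding: 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def make_rsa_line(hosts: str, n: int, e: int = 65537) -> str:
    """Build a constructed 'hosts ssh-rsa <base64>' line (toy modulus, sample data only)."""
    def mpint(v: int) -> bytes:
        # The extra leading byte keeps the big-endian integer positive.
        return ssh_string(v.to_bytes(v.bit_length() // 8 + 1, "big"))
    blob = ssh_string(b"ssh-rsa") + mpint(e) + mpint(n)
    return f"{hosts} ssh-rsa {base64.b64encode(blob).decode()}"

def fingerprint(b64_blob: str) -> str:
    """SHA256 fingerprint in the form OpenSSH prints: unpadded base64 of the digest."""
    digest = hashlib.sha256(base64.b64decode(b64_blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse(lines):
    """Yield (hosts, keytype, fingerprint) from known_hosts or ssh-keyscan lines."""
    for line in lines:
        fields = line.split()
        # Skip blanks, comments, @markers and hashed (|1|...) host entries.
        if len(fields) < 3 or fields[0][0] in "#@|":
            continue
        yield fields[0].split(","), fields[1], fingerprint(fields[2])

def check_host_key(host: str, scanned_line: str, known_hosts: list) -> str:
    """Return 'match', 'mismatch' or 'unknown' for the key a host offered."""
    _, keytype, offered = next(parse([scanned_line]))
    verdict = "unknown"
    for hosts, ktype, stored in parse(known_hosts):
        if host in hosts and ktype == keytype:
            if stored == offered:
                return "match"
            verdict = "mismatch"  # same host and key type, different key
    return verdict

# Constructed sample data: toy moduli, not real keys.
N_SERVER = (1 << 511) + 0x1D
N_OTHER = (1 << 511) + 0x6F
KNOWN_HOSTS = ["# recorded at first login",
               make_rsa_line("192.168.1.3,slackkernel", N_SERVER)]

if __name__ == "__main__":
    for n in (N_SERVER, N_OTHER):
        scanned = make_rsa_line("192.168.1.3", n)
        print(check_host_key("192.168.1.3", scanned, KNOWN_HOSTS), next(parse([scanned]))[2])
```

A "mismatch" verdict means the server presented a different key from the one stored at first contact, which is the case ssh itself refuses to connect on until the entry is reviewed.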

3 Remote Login

Congratulations, you are now able to log in to the remote host. You will have the privileges of the user account you use. If you log in with the user account enmei, you only have the rights of the user enmei:

# ssh enmei@192.168.1.3

But if you log in as root, there is no limit to what you can do:

# ssh root@192.168.1.3

Keep in mind that ssh is only a remote login program, so the hardware resources that you use are those of the local host, NOT those of the remote host.


4 Remote Copy

Through the SSH protocol we can also copy a file or folder from the local host to a remote host, or from a remote host to the local host, but we still cannot copy between two remote hosts.

To copy the file /etc/resolv.conf from the remote host (192.168.1.3) to the directory /root just type:

# scp 192.168.1.3:/etc/resolv.conf /root

Conversely, we can send /etc/resolv.conf from the local host to the directory /tmp on the remote host with:

# scp /etc/resolv.conf 192.168.1.3:/tmp

With this utility we can also copy an entire folder. Suppose you copy the folder /pentest from the local host (192.168.1.1) to /tmp on the remote host (192.168.1.3):

# scp -r /pentest 192.168.1.3:/tmp


5 Secure File Transfer Protocol

In addition to scp, we can also perform file transfers with sftp (secure file transfer protocol). The sftp interface is like the ftp interface, but it actually uses ssh encryption and authentication. The syntax is similar to ftp:

# sftp 192.168.1.3

At the sftp prompt we can send the file /etc/resolv.conf from the local host to /tmp on the remote host with the put command.

The advantage of sftp is its flexibility compared to the ordinary ssh command. We can access the local host by putting the prefix ! (exclamation mark) at the beginning of a command. For example, if we want to know the active directory on the local host we type !pwd, NOT pwd, because pwd is going to show the active directory on the remote machine.

So even though we are logged in to a remote host, we can still do anything on the local machine by simply adding "!" at the beginning of the command, without having to log out first.

6 Secure Network File System

Like NFS, it can create a mount point folder on the local host for the remote host. Suppose we create a mount point /slack for the folder / on the remote host 192.168.1.3. The permissions that we get depend on the user account that we use (in this case root).

With sshfs, you no longer have any trouble managing files, because you no longer need a complicated tool. You can manage files on remote hosts as if you were managing files on your local host.

I think sshfs is the most ideal application to use. It is ideal for a very large function with very few options.
