
Secure Shell

u4606295@cm.edu

Introduction

- Secure Shell
- History
- SSH Protocol
- Server Configuration
- TCP Wrapper
- Client (Linux, Windows)

Secure Shell

Secure Shell: remote access with authentication and encryption.

SSH History

- 1995: ssh1, Tatu Ylonen (HUT)
- 1996: ssh2; Internet Standard (IETF)
- 1999: OpenSSH, open source

Don't tell anyone that I'm free.

Secure Shell

Secure Shell: remote access (cf. telnet, rlogin, rsh).

[Figure: telnet client to telnet server]

[Figure: ssh client to ssh server, password login; labelled Encryption and Authentication]

Authentication: RSA, DSA

Encryption: IDEA, DES, Blowfish

Platform: MS-DOS, Linux, Windows, Macintosh, UNIX

SSH Protocol
SSH1

- RSA algorithm
-

SSH2

-
- secure
- SFTP
- license ( )

Secure Shell

ssh1 and ssh2: encryption, authentication

Encryption

DES (Data Encryption Standard): IBM, 1975; 56-bit key (insecure)
http://en.wikipedia.org/wiki/Data_Encryption_Standard

Encryption

Triple DES (3DES): IBM, 1978; 168-bit key
http://en.wikipedia.org/wiki/3DES

RSA Algorithm

Ron Rivest, Adi Shamir, Len Adleman (MIT); public-key encryption algorithm

DSA (Digital Signature Algorithm)

Digital signature standard; National Security Agency (NSA)

Latest Version (update 20 .. 2549)

SSH1 1.2.33
SSH2 3.2.9

Server configuration (Linux)

Configuration file: /etc/ssh/sshd_config

Config options (# option):
http://thaicert.nectec.or.th/paper/basic/Secure_S

Port 22                                          : port
ListenAddress 192.168.1.1                        : IP interface
HostKey /etc/ssh/ssh_host_key                    : path of the server's private host key
ServerKeyBits 1024                               : server key bits
LoginGraceTime 600                               : login grace time
KeyRegenerationInterval                          : key regeneration
PrintMotd yes                                    : msg of the day
RhostsAuthentication no                          : Rhosts Authentication
RhostsRSAAuthentication no                       : Rhosts (username/host) with RSA Authentication
RSAAuthentication yes                            : RSA Authentication
PasswordAuthentication yes                       : Password Authentication
PermitEmptyPasswords no                          : login with an empty password
Subsystem sftp /usr/libexec/openssh/sftp-server  : SFTP (default)

Restart the service:
/etc/rc.d/init.d/sshd restart
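The table above lists the options and the values the slide recommends, but on a real server the file usually has a long history of edits. The following auditor is an added example, not code from the original slides: it parses an sshd_config the way sshd reads it (first occurrence of a keyword wins, keywords are case-insensitive, `#` starts a comment) and reports the options from the table that are missing or set to a weaker value. The sample configurations are constructed for illustration; the keyword names are real OpenSSH keywords, though RhostsAuthentication, RhostsRSAAuthentication and ServerKeyBits belong to the legacy SSH1 protocol and no longer exist in current OpenSSH.

```python
"""Audit an sshd_config for the options in the slide's table.

Added example (not from the original slides). Sample configurations are
constructed; keyword names are real OpenSSH keywords, some SSH1-era.
"""
import re

# Constructed sample: the slide's table with several values weakened.
WEAK_CONFIG = """\
# option          value
Port 22
ListenAddress 192.168.1.1
HostKey /etc/ssh/ssh_host_key
ServerKeyBits 512
LoginGraceTime 600
PrintMotd yes
RhostsAuthentication yes
RhostsRSAAuthentication yes
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords yes
Subsystem sftp /usr/libexec/openssh/sftp-server
"""

# Constructed sample: the same file with the slide's recommended values.
HARDENED_CONFIG = WEAK_CONFIG.replace("ServerKeyBits 512", "ServerKeyBits 1024") \
    .replace("RhostsAuthentication yes", "RhostsAuthentication no") \
    .replace("RhostsRSAAuthentication yes", "RhostsRSAAuthentication no") \
    .replace("PermitEmptyPasswords yes", "PermitEmptyPasswords no")

# (keyword, predicate that the value must satisfy, reason it matters)
CHECKS = [
    ("RhostsAuthentication", lambda v: v == "no", "trusts .rhosts files (host/user names are spoofable)"),
    ("RhostsRSAAuthentication", lambda v: v == "no", "trusts .rhosts files, only partly mitigated by host keys"),
    ("PermitEmptyPasswords", lambda v: v == "no", "accounts without a password could log in"),
    ("ServerKeyBits", lambda v: v.isdigit() and int(v) >= 1024, "SSH1 server key shorter than 1024 bits"),
    ("LoginGraceTime", lambda v: v.isdigit() and int(v) <= 600, "unauthenticated connections held too long"),
]


def parse_sshd_config(text):
    """Return {keyword: value} using the first occurrence of each keyword.

    sshd keeps the first value it sees for a keyword and ignores later
    duplicates, so an audit must do the same. Keywords are case-insensitive
    (normalised to lower case here); values are lower-cased as well because
    the checked ones are yes/no flags or integers.
    """
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        # sshd_config accepts "Keyword value" and "Keyword=value"
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip().lower()
        settings.setdefault(key, value)
    return settings


def audit(text):
    """Return [(keyword, value, reason)] for checks that fail.

    A keyword that is absent is reported with value None: the built-in
    default may be acceptable, but the administrator should set it
    explicitly rather than rely on it.
    """
    settings = parse_sshd_config(text)
    findings = []
    for keyword, ok, reason in CHECKS:
        value = settings.get(keyword.lower())
        if value is None:
            findings.append((keyword, None, "not set explicitly"))
        elif not ok(value):
            findings.append((keyword, value, reason))
    return findings


if __name__ == "__main__":
    for keyword, value, reason in audit(WEAK_CONFIG):
        print(f"{keyword} = {value!r}: {reason}")
    print("hardened config findings:", audit(HARDENED_CONFIG))
```

Running the script on the weak sample lists four findings (both Rhosts options, PermitEmptyPasswords and ServerKeyBits) and none on the hardened one; the first-occurrence rule matters in practice because a `PermitEmptyPasswords no` appended at the end of the file does nothing if an earlier `yes` is still present.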

TCP Wrapper

Monitors services on the server; hooked in through /etc/inetd.conf

Runs the tcpd daemon

Access control per service: hosts.allow, hosts.deny

Hosts.allow

Hosts allowed to use a service: /etc/hosts.allow
Form: Service : IP (the keyword all may stand for any service or any host)

telnet : 10.9.0., 10.0.0.1
finger : 10.9.0., 10.0.0.2, 10.0.0.3, 10.0.1.0/255.255.255.0
tftp : 10.9.0.3, 10.0.2.1, 10.0.3.0/255.255.255.0

Hosts.deny

Hosts/clients denied a service: /etc/hosts.deny
Form: Service : IP

!!!! all : all
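The two files only make sense together with the order in which tcpd consults them: a client that matches a rule in hosts.allow is admitted, otherwise a client that matches a rule in hosts.deny is refused, and a client that matches neither is admitted. The following matcher is an added example, not code from the original slides; it implements that order for the sample rules on the slides and for the pattern forms they use (exact address, trailing-dot network prefix, net/mask, and ALL). It is deliberately not the full hosts_access(5) language: no EXCEPT, no hostname or domain patterns, no option fields, and the service column is matched by the short name used on the slide rather than the daemon name (in.telnetd) real tcpd compares against.

```python
"""Evaluate TCP Wrapper access control in tcpd order for the slide's rules.

Added example, not from the original slides. Supports only the pattern forms
on the slide (exact IP, "10.9.0." prefix, net/mask, ALL); no EXCEPT, hostname
or domain patterns. Sample rule files are constructed from the slide's table.
"""
import ipaddress
import re

# Constructed from the slide's hosts.allow table.
HOSTS_ALLOW = """\
telnet : 10.9.0., 10.0.0.1
finger : 10.9.0., 10.0.0.2, 10.0.0.3, 10.0.1.0/255.255.255.0
tftp   : 10.9.0.3, 10.0.2.1, 10.0.3.0/255.255.255.0
"""

# Constructed from the slide's hosts.deny: refuse everything not allowed above.
HOSTS_DENY = "ALL : ALL\n"


def parse_rules(text):
    """Return [(services, client_patterns)] from 'service_list : client_list' lines.

    List elements may be separated by blanks and/or commas; '#' starts a comment.
    Service names are upper-cased so ALL and all compare equal.
    """
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        services, sep, clients = line.partition(":")
        if not sep:
            continue  # malformed line: tcpd would log and skip it
        rules.append((
            [s.upper() for s in re.split(r"[\s,]+", services.strip()) if s],
            [c for c in re.split(r"[\s,]+", clients.strip()) if c],
        ))
    return rules


def client_matches(pattern, ip):
    """Does one client pattern match the dotted-quad client address?"""
    addr = ipaddress.IPv4Address(ip)
    if pattern.upper() == "ALL":
        return True
    if pattern.endswith("."):
        # "10.9.0." is a network prefix: matches any 10.9.0.x
        return ip.startswith(pattern)
    if "/" in pattern:
        # "net/mask" form, e.g. 10.0.1.0/255.255.255.0
        net, mask = pattern.split("/", 1)
        return addr in ipaddress.IPv4Network(f"{net}/{mask}", strict=False)
    return addr == ipaddress.IPv4Address(pattern)


def rule_matches(rule, service, ip):
    services, clients = rule
    service_ok = "ALL" in services or service.upper() in services
    return service_ok and any(client_matches(p, ip) for p in clients)


def access_allowed(service, ip, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """tcpd order: hosts.allow match grants, then hosts.deny match refuses,
    and a client matching neither file is allowed."""
    if any(rule_matches(r, service, ip) for r in parse_rules(allow)):
        return True
    if any(rule_matches(r, service, ip) for r in parse_rules(deny)):
        return False
    return True


if __name__ == "__main__":
    for service, ip in [("telnet", "10.9.0.7"), ("telnet", "10.0.0.2"),
                        ("finger", "10.0.1.200"), ("tftp", "10.9.0.4")]:
        print(f"{service:7} from {ip:12} -> {'allow' if access_allowed(service, ip) else 'deny'}")
```

The last point the example makes is the default: with an empty or missing hosts.deny, a service that no hosts.allow rule mentions (ssh in the test below) is open to every client, which is why the slide closes hosts.deny with `all : all`.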

Services under /etc/xinetd.d/

!!! Disabling a service, e.g. telnet: in /etc/xinetd.d/telnet set

disable = yes

!!! Restart the service:

/etc/rc.d/init.d/xinetd restart

To see which services are disabled (run in /etc/xinetd.d):
grep disable *

Client (Linux)

ssh username@hostname

Client (Windows): SSH Secure Shell Client

Secure command shell and SFTP
http://www.ssh.com

SSH Secure Shell Client
[Figure: interface]

SSH Secure Shell Client
[Figure: connection to remote host]

SSH Secure Shell Client
[Figure: authentication by password]

SSH Secure Shell Client
[Figure: login]

Client (Windows): PuTTY

telnet and ssh client; ssh file transfer with PSFTP and PSCP; Win32 and UNIX platforms

Download:
http://www.chiark.greenend.org.uk/~sgtatham/putty/d

PuTTY
[Figure: interface]

PuTTY
[Figure: login]

http://en.wikipedia.org/wiki/Secure_Shell
http://cryp.to/publications/the-secure-shell/
http://www.rz.uni-karlsruhe.de/~ig25/ssh-faq/
http://biss.beckman.uiuc.edu/security/workshops/20
http://www.ssh.com/support/documentation/online/
