130 likes | 263 Views
NEbraskaCERT SSH Tricks. Matthew G. Marsh 05/21/03. Overview. SSH What is it How does it work Discussion of Network Topology Tricks for multiple hosts Keys and config files MultiHop tricks Q&A. SSH . What is it
E N D
NEbraskaCERTSSH Tricks Matthew G. Marsh 05/21/03
Overview • SSH • What is it • How does it work • Discussion of Network Topology • Tricks for multiple hosts • Keys and config files • MultiHop tricks • Q&A
SSH • What is it • Secure Shell was developed to solve the two most acute problems in the Internet, secure remote terminal logins and secure file transfers. • Essentially an encrypted Remote Utilities replacement • How does it work • Set up and generation of an encrypted TCP connection • Authentication can be Password or PubPriv key • Arbitrary TCP ports - WKP = 22 • In this session we will concentrate on SSH1 using key based authentication
Simple Examples • Two hosts • 1 has a sshd running on WKP • 2 has a client root@2: ssh 1 root@1’s password: # • This allows root to login remotely using a password - BAD! • Better is to define: ‘PermitRootLogin no’ in the sshd_config file
Simple Examples • Two hosts - preshared key • 1 has a sshd running on WKP • 2 has a client tech@2: ssh 1 tech@2$ • The way to set this up is as follows: tech@2$ ssh-keygen -t rsa1 -f /home/tech/.ssh/key4mac1 -N “” tech@2$ scp .ssh/key4mac1.pub tech@1:~/.ssh/authorized_keys tech@1’s password: tech@2$ cat > .ssh/config Host 1 User tech Protocol 1 IdentityFile /home/tech/.ssh/key4mac1 Hostname 10.1.2.1 ^D
A wee bit less Simple Examples • Two hosts - preshared key • 1 has a sshd running on port 17 • 2 has a client tech@2: ssh 1 tech@2$ • The way to set this up is as follows: tech@2$ ssh-keygen -t rsa1 -f /home/tech/.ssh/key4mac1 -N “” tech@2$ scp -P17 .ssh/key4mac1.pub tech@1:~/.ssh/authorized_keys tech@1’s password: tech@2$ cat > .ssh/config Host 1 User tech Port 17 Protocol 1 IdentityFile /home/tech/.ssh/key4mac1 Hostname 10.1.2.1 ^D
A wee bit less Simple Examples • Three hosts - Assume: preshared keys • 1 has sshd running on port 17 • 2 has sshd running on port 27 tech@3: ssh 2 ‘ssh 1’ tech@1$ • The way to set this up is as follows: tech@3$ cat > .ssh/config Host 2 User tech Port 27 Protocol 1 IdentityFile /home/tech/.ssh/key4mac2 Hostname 10.1.2.2 ^D • Note you may need ssh -t 2 ‘ssh -t 1’ ...
AN4SCD • Buy a copy of “SSH” by Daniel J. Barrett & Richard E. Silverman pub. O’Reilly (ISBN: 0-596-00011-1) • Read it • I use openssl 0.9.7b with openssh 2.9.9p2 • I do not use any other version of SSH • I use Protocol 1 on purpose • I use TCP Wrappers w/ IPv6 extensions • I keep tight controls using TCP Wrappers
AN4SCD - 2 • Static Compile methods Get the latest openssl 1. Compile it static with the /usr/static directory target ./config --openssldir=/usr/static --prefix=/usr/static no-shared 2. Get openssh-2.9.9p2 ./configure --prefix=/usr/static --with-ssl-dir=/usr/static --with-ipaddr-display --with-ipv4-default --disable-lastlog --disable-utmp --disable-wtmp NOTE: this one is the emergency backup so do not use TCP wrappers! compile it and install Now copy over the /etc/ssh/ directory into /usr/static/etc Edit the sshd config file to change the port so that it does not interfere with the regular ssh Make sure you also change the paths for the keys!!
Fun Examples • Using commands attached to keys • On the server define a command in the authorized_keys file associated with a key • Format is “command=“my/command/string”…key data… EX: command=“/bin/ls -al /logs”ABCDEF1234567 Then ssh with the appropriate key will only allow you to execute this command.
Fun Examples - 2 • MultiBounce Sessions • Using the three hosts example from earlier • Consider: ssh 1 ‘ssh 2 /bin/tar -C /home -zc myhomedir/’ | tar -zxv ssh 1 ‘ssh 2 “ssh 3 /bin/tar -C /home -zc myhomedir/”’ | tar -zxv Note that there are limits…