APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed


SSH

Although "ssh" stands for "Secure Shell", it is not a shell like sh, csh or ksh. Rather, think of it as a way to secure your shell, whatever it is. Secure in this context means encrypted conversations between your machine and some other machine, and that's just about all it means. It doesn't mean that your system, or the system you are ssh'ing to, is immune to break-ins or other security breaches, and it doesn't necessarily mean that you can be 100% sure that you really are connected to the machine you think you are connected to (though you can be pretty sure; more on that below). Encrypted connections are really all that ssh does: everything else that the ssh suite includes, like the ability to copy files or run remote commands, is just a set of tools added to use the encrypted communications channel.



Title Last Comment
Centos ssh failure  
- I have a customer who uses a fairly new Centos server to function as an ssh gateway to his ancient SCO box. On Friday he told me that no one could ssh in. -

Questions on ssh  
- How to reinstall ssh on SCO 5.0.7 using Custom and the original installation CD. -

ssh forwarding  
- Let's say we have a machine that our firewall will send traffic to, but we actually want to ssh to another internal machine. -

SSH_CLIENT, SSH_CONNECTION (OpenSSH Variables)  
- 2005/05/31 SSH_CLIENT, SSH_CONNECTION (OpenSSH Variables) -

SSH Risk from known_hosts?  
- This whole concept starts with a compromised machine -

IP spoofing and automatic blocking  
- For this to make sense our hacker has to first come in with a real ip address and fail to login the magic number of times. -

SSH passphrases and keys  
- You then need to put the public key (.ssh/id_dsa.pub by default) into the authorized_keys2 file on the server. Once that's done, if you attempt an ssh to the server, you'll be asked for your passphrase rather than the password of the user on the server. Here's the most important thing to understand at this point: The password at the server doesn't matter anymore. You could log into the server and change the password, and ssh is still going to let you in because of the public key and the passphrase you've provided. You could even edit (as root, of course) /etc/shadow on the server and put a * in the password field, which would mean that no password could EVER be used to login as that user, but you could still login as that user using ssh and your key files/passphrase. -

More ssh ideas  
- A friend recently got 'rooted'. He was using ssh (not ssh2). He was getting pages on his phone and processes were dying and such, so he installed "chkrootkit" which is a program that checks your system to see if there is any of a number of root kits installed. He had SuckIt installed on his machine and now has a server to rebuild. -

SSH Login Attacks  
- "Failed password for illegal user [username]" in your logs may indicate brute force password guessing attempts. -

Security Paranoia - restricting ssh access  
- I had email from someone today whose system was hacked, apparently by a dictionary attack over ssh. There is no reason to let that happen to you. -

scponly  
- A restricted shell for specific use with scp and sftp. It is configurable, so you can add or subtract apps it can use, but the base purpose is to provide security for file transfers. Often used in conjunction with chroot for even greater lockdown. -

SSH  
- Standard Unix tools like telnet and ftp are not encrypted- everything you type, including your precious passwords, travels in packets that can at least potentially be seen by every machine they pass by or through. -

SSH- The Secure Shell  
- Everything you'd ever need to know about SSH. Well written, very complete- I liked this book! Some of the Amazon reviewers weren't quite so happy with it (one found the lack of NT coverage disappointing), but I enjoyed it start to end. I particularly liked that important concepts were always well explained and not just glossed over. -

DSL and Cable Modem Security with SSH  
- An old article about securing ancient SCO Unix when the Internet access is through DSL. -

(SCO Unix)How can I restrict who can login with ssh?   2010/06/27 anonymous
- (SCO Unix) There's no reason to allow every user access by ssh. You can restrict ssh logins to a specific set of users by an entry in the config file. -

(SCO Unix)Where can I get ssh?  
- This is an old article about obtaining ssh and other code for older SCO Unix and is only left here for historical purposes. -

(SCO Unix)I ssh to a Linux box and am immediately disconnected  
- (SCO Unix) ssh to Linux, ssh disconnects from bad TERM setting. -

(SCO Unix)How can I tell if a user logged in locally, used rlogin, telnet or ssh?  
- (SCO Unix) You can use the concept here to back trace any process. This script will find the first ancestor process after init. This would be sshd or telnet or just a getty, etc. -

 
 