29.1 Secure SHell
29.1.1 Description of SSH
Secure SHell is designed to provide strong authentication and secure communications over what are normally insecure channels. It allows remote logons, remote execution of commands, and remote copies, acting as a direct replacement for rlogin, rsh, rcp, and rdist. It provides the following features:
- Strong authentication: SSH can use .rhosts together with RSA-based host authentication, and pure RSA authentication.
- Improved privacy: Encryption of all communications is automatic and transparent. Key exchange is done with RSA. The session is encrypted with a cipher (IDEA, DES, or triple-DES). Encryption is started before authentication, so no passwords are ever sent in the clear.
- Secure X11 sessions: DISPLAY is automatically set on the server machine, forwarding any X11 connections over the secure channel.
- Port forwarding: Bi-directional redirection of arbitrary TCP/IP ports can be done through the encrypted channel.
- Automatic: Replace the insecure programs with the secure ones and everything happens automatically for the users. Old .rhosts files will still be valid, but with strong authentication, if the system administrator installs host key files.
- Never trusts the network: With RSA authentication nothing but the private key is trusted.
- Prevents spoofing: The client and the server each use RSA to authenticate the other. The client authenticates the server at the start of each connection, and the server authenticates the client before it allows .rhosts or /etc/hosts.equiv access. This prevents DNS, routing, or IP-spoofing and man-in-the-middle attacks.
- Host authentication key: typically 1024 bits. These keys can be generated and distributed centrally and automatically, or manually by each user for their own use. Both the central and per-user host keys are used.
- User authentication keys: typically 1024 bits. Each user can create any number of RSA user authentication keys for their own use. The public keys are stored in a private file. The user provides the private key to authenticate.
- Server key regeneration: The server regenerates its RSA key (normally 768 bits) automatically every hour (configurable) and never saves it to a file. Session keys are exchanged after encryption with both the server key and the server host key. This prevents capturing a session and deciphering it at a later time.
- Authentication agents: can hold the user's RSA authentication keys. These would typically be running on the user's laptop or local machine, and there is no need to store the RSA authentication keys anywhere else. SSH automatically forwards the connection to the authentication agent, never revealing the keys. The protocols are only used to verify that the agent has a user's key.
- Customizable: The client has customizable configuration files, both system-wide and per-user. Different options can be specified for different hosts.
- rsh fallback: If the server machine is not running sshd, a warning is displayed and then ssh automatically falls back to using conventional rsh.
- Compression: gzip compression of all data, including forwarded X11 and TCP/IP port data, is optional.
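The "Prevents spoofing" and "Host authentication key" points above rest on the client keeping a record of each server's host key and refusing to trust a server whose key differs from the stored one. The following is an added example, not code from this page or from ssh itself: it checks a presented host key against a known_hosts-style file (plain and hashed host entries, modelled on the later OpenSSH format, an assumption here) and reports whether the host is unknown, matches, or has a changed key. All key blobs and records are constructed sample data, not real keys.

```python
import base64
import hashlib
import hmac

def fingerprint(blob: bytes) -> str:
    """OpenSSH-style SHA-256 fingerprint of a public key blob (base64, no padding)."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def hash_hostname(host: str, salt: bytes) -> str:
    """Hashed known_hosts host field: |1|base64(salt)|base64(HMAC-SHA1(salt, host))."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def host_matches(pattern: str, host: str) -> bool:
    """Match a plain (comma-separated) or hashed host field against a hostname."""
    if pattern.startswith("|1|"):
        _, _, salt_b64, _ = pattern.split("|", 3)
        return hmac.compare_digest(hash_hostname(host, base64.b64decode(salt_b64)), pattern)
    return host in pattern.split(",")

def check_host_key(host: str, keytype: str, blob: bytes, known_hosts: str) -> str:
    """Return 'ok', 'unknown' or 'mismatch' for the key a server presented.
    'mismatch' is the case a client must treat as a possible man-in-the-middle."""
    seen = False
    for line in known_hosts.splitlines():
        fields = line.split()
        if len(fields) < 3 or line.startswith("#"):
            continue
        if not host_matches(fields[0], host):
            continue
        seen = True
        if fields[1] == keytype and base64.b64decode(fields[2]) == blob:
            return "ok"
    return "mismatch" if seen else "unknown"

# Constructed sample data (not real keys): two host key blobs and a known_hosts text.
ALPHA_KEY = b"constructed-alpha-host-key-blob"
BETA_KEY = b"constructed-beta-host-key-blob"
SALT = bytes(range(20))
KNOWN_HOSTS = "\n".join([
    "alpha.example.org,10.0.0.5 ssh-rsa " + base64.b64encode(ALPHA_KEY).decode(),
    hash_hostname("beta.example.org", SALT) + " ssh-rsa " + base64.b64encode(BETA_KEY).decode(),
])

if __name__ == "__main__":
    print(check_host_key("alpha.example.org", "ssh-rsa", ALPHA_KEY, KNOWN_HOSTS))  # ok
    print(check_host_key("beta.example.org", "ssh-rsa", ALPHA_KEY, KNOWN_HOSTS))   # mismatch
    print(check_host_key("gamma.example.org", "ssh-rsa", ALPHA_KEY, KNOWN_HOSTS))  # unknown
    print(fingerprint(ALPHA_KEY))  # what an administrator would publish for out-of-band comparison
```

The "unknown" result is where a first-time connection must compare the fingerprint against one distributed out of band, since an attacker who can answer for a new host can present any key.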
Unix System Administration - 8 AUG 1996