
Communication Security: Remote Access and Messaging • Chapter 3  129

                 SSH


                 SSH is a cryptographically secure replacement for standard Telnet, Remote Login
                 (rlogin), Remote Shell (RSH), and RCP commands. SSH consists of both a client
                 and a server that use public key cryptography to provide session encryption. It also
                 provides the ability to forward arbitrary ports over an encrypted connection.
                    SSH has received wide acceptance as the secure mechanism for interactive
                 access to remote systems. SSH was conceived and developed by the Finnish
                 developer Tatu Ylonen. When the original version of SSH became a commercial
                 venture, the license became more restrictive. A public specification was created,
                 resulting in the development of a number of versions of SSH-compliant client
                 and server software that do not contain the restrictions (most significantly, those
                 that restrict commercial use).
                    SSH deals with the confidentiality and integrity of information being passed
                 between a client and host. Since programs such as Telnet and rlogin transmit
                 usernames and passwords in cleartext, sniffing a network is easy. By beginning an
                 encrypted session before the username and password are transmitted, confidentiality
                 is guaranteed. SSH protects the integrity of the data being transmitted by the use of
                 session keys. The client keeps a list of user keys for servers with which it previously
                 established secure sessions. If the key matches, the secure session is established and
                 the integrity of the data being transmitted is confirmed. Using SSH helps protect
                 against different types of attacks including packet sniffing, IP spoofing, and
                 manipulation of data by unauthorized users.

                 How SSH Works

                 When a client wants to establish a secure session with a host, the client initiates
                 communication by requesting an SSH session. Once the server receives the request
                 from the client, the two perform a handshake, which includes the verification of the
                 protocol version. Next, session keys are exchanged between the client and the
                 server. Once session keys have been exchanged and verified against a cache of host
                 keys, the client can begin the secure session. Figure 3.10 depicts the SSH
                 authentication process.
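
The two client-side checks described above (protocol version verification, then comparison of the server's key against the cached keys), as an added example that is not from the book or from any SSH implementation. It assumes a cache in the plain OpenSSH known_hosts layout; the host names, key blobs and banner are constructed, and hashed host entries are not handled.

```python
import base64
import hashlib
import hmac

# Constructed host-key cache in OpenSSH known_hosts layout ("hosts keytype base64-blob").
# The blobs are placeholder bytes, not real keys.
SERVER_KEY = base64.b64encode(b"constructed-server-key-A").decode()
OTHER_KEY = base64.b64encode(b"constructed-server-key-B").decode()
KNOWN_HOSTS = f"""\
# constructed sample entries
build.example.test ssh-ed25519 {SERVER_KEY}
db.example.test,10.0.0.5 ssh-ed25519 {OTHER_KEY}
"""

def parse_banner(line):
    """Split 'SSH-protoversion-softwareversion [comments]' into its two versions."""
    ident = line.rstrip("\r\n").split(" ", 1)[0]
    parts = ident.split("-", 2)
    if len(parts) != 3 or parts[0] != "SSH" or not parts[1] or not parts[2]:
        raise ValueError("not an SSH identification string")
    return parts[1], parts[2]

def version_acceptable(proto):
    """Accept protocol 2.0; '1.99' is how a server announces 2.0 plus legacy 1.x."""
    return proto in ("2.0", "1.99")

def load_cache(text):
    """Map (host, keytype) -> key blob, skipping comments and blank lines."""
    cache = {}
    for raw in text.splitlines():
        fields = raw.split()
        if len(fields) < 3 or fields[0].startswith(("#", "@", "|")):
            continue  # hashed hostnames and @markers are out of scope here
        for host in fields[0].split(","):
            cache[(host, fields[1])] = fields[2]
    return cache

def fingerprint(blob_b64):
    """SHA256 fingerprint in the form OpenSSH prints (unpadded base64)."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def check_host_key(cache, host, keytype, blob_b64):
    """Return 'match', 'mismatch' (abort the session) or 'unknown' (first contact)."""
    known = cache.get((host, keytype))
    if known is None:
        return "unknown"
    return "match" if hmac.compare_digest(known, blob_b64) else "mismatch"
```

A "mismatch" result is the case that matters for detection: the server presented a different key than the one cached, so the client should stop before any credentials are sent and the fingerprint should be confirmed out of band.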













                                                                              www.syngress.com