Secure Shell (SSH)
In this paper, I will discuss the network protocol Secure shell, better known as SSH. Interest in choosing this protocol came from my frequent use of SSH to run applications on the remote servers in Coover Hall. Because of this, I will be exploring the details on how the protocol works, vulnerabilities associated with it and mitigation techniques put in place to counter attacks.
SSH is a Cryptographic Network Protocol created to replace Telnet. Its purpose is to provide a secure connection between a client and server across a public network for data transfer or remote operation. When SSH is evoked, the client will begin the initial TCP handshake by distributing its public key with the server. Once received, the server will use that key to encrypt a session key that is then returned over the network. When the client receives this encrypted session key it uses its private key to decrypt it. Now the client and server both share the same session key …show more content…
The first is the security that comes from establishing a session key, by regularly establishing new keys you lower the likely hood of an attacker gaining access to your network. Avoiding brute force attacks are mitigated by users becoming informed about not sharing their login credentials and generating stronger passwords. Another thing that combats this is having a honeypot to log attempted logins for all sessions. This implementation will flag administration by showing failed logins that could point to possible attacks in place. Another mitigation technique is to keep the SSH protocol at the latest stable version to fix previous problems. The vulnerability expressed earlier in [2] is fixed by a simple SSH update. Man in the middle attacks can be prevented by deploying some sort of certification mechanism to verify you the credentials of who you are in contact with
In this paper, I will discuss the network protocol Secure shell, better known as SSH. Interest in choosing this protocol came from my frequent use of SSH to run applications on the remote servers in Coover Hall. Because of this, I will be exploring the details on how the protocol works, vulnerabilities associated with it and mitigation techniques put in place to counter attacks.
SSH is a Cryptographic Network Protocol created to replace Telnet. Its purpose is to provide a secure connection between a client and server across a public network for data transfer or remote operation. When SSH is evoked, the client will begin the initial TCP handshake by distributing its public key with the server. Once received, the server will use that key to encrypt a session key that is then returned over the network. When the client receives this encrypted session key it uses its private key to decrypt it. Now the client and server both share the same session key …show more content…
The first is the security that comes from establishing a session key, by regularly establishing new keys you lower the likely hood of an attacker gaining access to your network. Avoiding brute force attacks are mitigated by users becoming informed about not sharing their login credentials and generating stronger passwords. Another thing that combats this is having a honeypot to log attempted logins for all sessions. This implementation will flag administration by showing failed logins that could point to possible attacks in place. Another mitigation technique is to keep the SSH protocol at the latest stable version to fix previous problems. The vulnerability expressed earlier in [2] is fixed by a simple SSH update. Man in the middle attacks can be prevented by deploying some sort of certification mechanism to verify you the credentials of who you are in contact with