Intro to SSH

1,890 views
1,764 views

Published on

Rochester 2600

Published in: Technology, Education
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,890
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
32
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • Intro to SSH

    1. 1. Using Mongolian Throat Singing AsEntropy for Your SSH keys@PunkrokkRochester Security Podcast @www.syncurity.net
    2. 2. What SSH Does Do Prevents Eavsdropping Name Service and IP Spoofing Connection Hi-Jacking MITM
    3. 3. What SSH Can’t Do SSH Can not prevent: Password Cracking DOS based IP and TCP Attacks (Syn Floods/TCP RST/TCP desynchronization & hijacking Traffic Analysis Dumbasses
    4. 4. SSH System Architecture Source: SSH, The Secure Shell, The Definitive Guide
    5. 5. What is CORE SSH? SSH-TRANS SSH-AUTH SSH-CONN
    6. 6. SSH-2 Protocol Family Source: SSH, The Secure Shell, The Definitive Guide
    7. 7. SSH-TRANSSSH Transport Protocol session ID Server auth* privacy and integrity* data compression* session key exchange* *Negotiable
    8. 8. SSH-AUTHpublic keyhost basedpasswordOthers: gssapi, external keyx...
    9. 9. Building a SSHConnection• ssh -vv host.foo.net • read config file (~/.ssh/ssh_config) • Protocol version Selection (v2 should be forced)
    10. 10. Building a SSHConnection• Key Exchange (2 way) • KEXINIT - exchange and choose compatible encryption suites (e.g. diffie-hellman-group2- sha1) • Outputs: • K = shared secret • H = Exchange Hash (becomes session ID) • Perform Server Auth (comparing with hash fingerprints of known hosts) • Can be repeated after a period of T
    11. 11. Building a SSHConnectionKey Exchange (Cont) Choose SSH host Key types (ssh-rsa, ssh- dsa, null (for Kerberos)) Choose Data Encryption Ciphers (none, aes-128-cbc, 3des-cbc...) *extendable for private Ciphers Choose Integrity Algorithms (hmac-md5, hmac-sha1...) * Prevents replay attacks Choose Compression (None, zlib...)
    12. 12. Building a SSHConnectionKey Exchange (Cont) Important: All the preceding negotiation is one way -- we could have: Client -> Server: ssh-rsa|aes128-cbc| hmac-md5|none Server -> Client: ssh-dsa|3des-cbc| hmac-sha1|zlib
    13. 13. Key Exchange (Cont) The actual Key Exchange debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 120/256 debug2: bits set: 520/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 10.0.1.35 is known and matches the RSA host key. debug1: Found key in /Users/jpbourget/.ssh/known_hosts:6 debug2: bits set: 501/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /Users/jpbourget/.ssh/id_rsa (0x0) debug2: key: /Users/jpbourget/.ssh/id_dsa (0x0) debug1: Authentications that can continue: publickey,password
    14. 14. Building a SSHConnectionKey Exchange (Cont) At this point we can send our credentials one of these ways: ssh-rsa, ssh-dsa other servers (other than open-SSH) support x509, spki-sign, pgp-sign (rss & dsa options for all password
    15. 15. Last SSH-AUTHComment Mitigating MITM Client Sends a RANDOM challenge Server returns challenge signed with it’s host key Client verifies this sig w/the Server/Key binding An attacker can’t spoof the random challenge, nor force the server to return a challenge from a different client = NO MITM or replay attacks
    16. 16. SSH-CONN Now that we have the SSH-AUTH and SSH-TRANS bits completed, we now have a SSH-CONN session We can do alot with this: port forwarding shell redirection X redirection tunnelling SCP/SFTP Hack all the protocols!
    17. 17. now what? Well Doogie, I have a SSL connection
    18. 18. Let’s Setup SomeKeys Key Creation Where do I put my keys? List of places Explanation
    19. 19. Let’s Setup SomeKeys Paths to our Keys: Backtrack - ~/.ssh/ Apple OS-X - /Users/ <username>/.ssh Putty - in putty
    20. 20. Let’s Setup SomeKeys Copying our key to the server scp /Users/jpbourget/.ssh/id_rsa.pub root@10.0.1.35:/root/.ssh/ authorized_keys Make sure to check if authorized_keys file exists - if so append to it (>>)
    21. 21. SSH Key Conn Acheivements Unlocked: m/ Keys Created m/ Keys Copied --> Login With Key
    22. 22. Public Key Loginssh-keygen
    23. 23. Public Key Logincopy our keyssh -vv root@host
    24. 24. Other ssh-tools
    25. 25. Other ssh-toolsssh-agent
    26. 26. Other ssh-toolsssh-agentssh-keyscan
    27. 27. Other ssh-toolsssh-agentssh-keyscanputty
    28. 28. Other ssh-toolsssh-agentssh-keyscanputty
    29. 29. Tube View
    30. 30. Tube Viewmy pcap
    31. 31. Tube Viewmy pcapwait -- after the KEXINIT it’s all encrypted you say?
    32. 32. Tube Viewmy pcapwait -- after the KEXINIT it’s all encrypted you say?well according to ssh man pages you can:
    33. 33. Tube Viewmy pcapwait -- after the KEXINIT it’s all encrypted you say?well according to ssh man pages you can:On the server in /etc/ssh/sshd_config
    34. 34. Tube Viewmy pcapwait -- after the KEXINIT it’s all encrypted you say?well according to ssh man pages you can:On the server in /etc/ssh/sshd_config Cipher none
    35. 35. Tube Viewmy pcapwait -- after the KEXINIT it’s all encrypted you say?well according to ssh man pages you can:On the server in /etc/ssh/sshd_config Cipher nonessh -vv -c none root@mr.t.com
    36. 36. Tube Viewmy pcapwait -- after the KEXINIT it’s all encrypted you say?well according to ssh man pages you can:On the server in /etc/ssh/sshd_config Cipher nonessh -vv -c none root@mr.t.comWait -- our openSSH server won’t start with Ciphernone --- BOO!
    37. 37. Tube Viewmy pcapwait -- after the KEXINIT it’s all encrypted you say?well according to ssh man pages you can:On the server in /etc/ssh/sshd_config Cipher nonessh -vv -c none root@mr.t.comWait -- our openSSH server won’t start with Ciphernone --- BOO!
    38. 38. Who do you think hasa workaround?
    39. 39. Who do you think hasa workaround?
    40. 40. Who do you think hasa workaround?
    41. 41. PENN STATE?
    42. 42. PENN STATE?
    43. 43. PENN STATE?
    44. 44. PENN STATE?Yea -- if you go to: http://www.psc.edu/networking/projects/hpn-ssh/They have a high performance ssh clientwith capabilites for the “none cipher”- mod to openSSHIF YOU CAN’T GO TO COLLEGE GO TO STATE...
    45. 45. CreditsSSH: The Definitive Guide by Barrett,Silverman & ByrnesAn Illustrated Guide to SSH Forwarding http://unixwiz.net/techtips/ssh-agent-forwarding.html#fwd@mubix for Hack Fortress imageMr T
    46. 46. Questions?@punkrokk / http://www.syncurity.net Look for writeups of Shmoocon Labs soon on my siteLink to this presentation: http://bit.ly/z5t9aiCheck out the Roc Sec Podcast: http://syncurity.net/?page_id=450 Looking for Episode IdeasBike from Baltimore to Boston in August: www.cycleoverride.orgDefcon Bike Ride: http://bit.ly/z7P8cu

    ×