Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Intro to SSH

2,592 views

Published on

Rochester 2600

Published in: Technology, Education
  • Be the first to comment

Intro to SSH

  1. 1. Using Mongolian Throat Singing AsEntropy for Your SSH keys@PunkrokkRochester Security Podcast @www.syncurity.net
  2. 2. What SSH Does Do Prevents Eavsdropping Name Service and IP Spoofing Connection Hi-Jacking MITM
  3. 3. What SSH Can’t Do SSH Can not prevent: Password Cracking DOS based IP and TCP Attacks (Syn Floods/TCP RST/TCP desynchronization & hijacking Traffic Analysis Dumbasses
  4. 4. SSH System Architecture Source: SSH, The Secure Shell, The Definitive Guide
  5. 5. What is CORE SSH? SSH-TRANS SSH-AUTH SSH-CONN
  6. 6. SSH-2 Protocol Family Source: SSH, The Secure Shell, The Definitive Guide
  7. 7. SSH-TRANSSSH Transport Protocol session ID Server auth* privacy and integrity* data compression* session key exchange* *Negotiable
  8. 8. SSH-AUTHpublic keyhost basedpasswordOthers: gssapi, external keyx...
  9. 9. Building a SSHConnection• ssh -vv host.foo.net • read config file (~/.ssh/ssh_config) • Protocol version Selection (v2 should be forced)
  10. 10. Building a SSHConnection• Key Exchange (2 way) • KEXINIT - exchange and choose compatible encryption suites (e.g. diffie-hellman-group2- sha1) • Outputs: • K = shared secret • H = Exchange Hash (becomes session ID) • Perform Server Auth (comparing with hash fingerprints of known hosts) • Can be repeated after a period of T
  11. 11. Building a SSHConnectionKey Exchange (Cont) Choose SSH host Key types (ssh-rsa, ssh- dsa, null (for Kerberos)) Choose Data Encryption Ciphers (none, aes-128-cbc, 3des-cbc...) *extendable for private Ciphers Choose Integrity Algorithms (hmac-md5, hmac-sha1...) * Prevents replay attacks Choose Compression (None, zlib...)
  12. 12. Building a SSHConnectionKey Exchange (Cont) Important: All the preceding negotiation is one way -- we could have: Client -> Server: ssh-rsa|aes128-cbc| hmac-md5|none Server -> Client: ssh-dsa|3des-cbc| hmac-sha1|zlib
  13. 13. Key Exchange (Cont) The actual Key Exchange debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 120/256 debug2: bits set: 520/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 10.0.1.35 is known and matches the RSA host key. debug1: Found key in /Users/jpbourget/.ssh/known_hosts:6 debug2: bits set: 501/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /Users/jpbourget/.ssh/id_rsa (0x0) debug2: key: /Users/jpbourget/.ssh/id_dsa (0x0) debug1: Authentications that can continue: publickey,password
  14. 14. Building a SSHConnectionKey Exchange (Cont) At this point we can send our credentials one of these ways: ssh-rsa, ssh-dsa other servers (other than open-SSH) support x509, spki-sign, pgp-sign (rss & dsa options for all password
  15. 15. Last SSH-AUTHComment Mitigating MITM Client Sends a RANDOM challenge Server returns challenge signed with it’s host key Client verifies this sig w/the Server/Key binding An attacker can’t spoof the random challenge, nor force the server to return a challenge from a different client = NO MITM or replay attacks
  16. 16. SSH-CONN Now that we have the SSH-AUTH and SSH-TRANS bits completed, we now have a SSH-CONN session We can do alot with this: port forwarding shell redirection X redirection tunnelling SCP/SFTP Hack all the protocols!
  17. 17. now what? Well Doogie, I have a SSL connection
  18. 18. Let’s Setup SomeKeys Key Creation Where do I put my keys? List of places Explanation
  19. 19. Let’s Setup SomeKeys Paths to our Keys: Backtrack - ~/.ssh/ Apple OS-X - /Users/ <username>/.ssh Putty - in putty
  20. 20. Let’s Setup SomeKeys Copying our key to the server scp /Users/jpbourget/.ssh/id_rsa.pub root@10.0.1.35:/root/.ssh/ authorized_keys Make sure to check if authorized_keys file exists - if so append to it (>>)
  21. 21. SSH Key Conn Acheivements Unlocked: m/ Keys Created m/ Keys Copied --> Login With Key
  22. 22. Public Key Loginssh-keygen
  23. 23. Public Key Logincopy our keyssh -vv root@host
  24. 24. Other ssh-tools
  25. 25. Other ssh-toolsssh-agent
  26. 26. Other ssh-toolsssh-agentssh-keyscan
  27. 27. Other ssh-toolsssh-agentssh-keyscanputty
  28. 28. Other ssh-toolsssh-agentssh-keyscanputty
  29. 29. Tube View
  30. 30. Tube Viewmy pcap
  31. 31. Tube Viewmy pcapwait -- after the KEXINIT it’s all encrypted you say?
  32. 32. Tube Viewmy pcapwait -- after the KEXINIT it’s all encrypted you say?well according to ssh man pages you can:
  33. 33. Tube Viewmy pcapwait -- after the KEXINIT it’s all encrypted you say?well according to ssh man pages you can:On the server in /etc/ssh/sshd_config
  34. 34. Tube Viewmy pcapwait -- after the KEXINIT it’s all encrypted you say?well according to ssh man pages you can:On the server in /etc/ssh/sshd_config Cipher none
  35. 35. Tube Viewmy pcapwait -- after the KEXINIT it’s all encrypted you say?well according to ssh man pages you can:On the server in /etc/ssh/sshd_config Cipher nonessh -vv -c none root@mr.t.com
  36. 36. Tube Viewmy pcapwait -- after the KEXINIT it’s all encrypted you say?well according to ssh man pages you can:On the server in /etc/ssh/sshd_config Cipher nonessh -vv -c none root@mr.t.comWait -- our openSSH server won’t start with Ciphernone --- BOO!
  37. 37. Tube Viewmy pcapwait -- after the KEXINIT it’s all encrypted you say?well according to ssh man pages you can:On the server in /etc/ssh/sshd_config Cipher nonessh -vv -c none root@mr.t.comWait -- our openSSH server won’t start with Ciphernone --- BOO!
  38. 38. Who do you think hasa workaround?
  39. 39. Who do you think hasa workaround?
  40. 40. Who do you think hasa workaround?
  41. 41. PENN STATE?
  42. 42. PENN STATE?
  43. 43. PENN STATE?
  44. 44. PENN STATE?Yea -- if you go to: http://www.psc.edu/networking/projects/hpn-ssh/They have a high performance ssh clientwith capabilites for the “none cipher”- mod to openSSHIF YOU CAN’T GO TO COLLEGE GO TO STATE...
  45. 45. CreditsSSH: The Definitive Guide by Barrett,Silverman & ByrnesAn Illustrated Guide to SSH Forwarding http://unixwiz.net/techtips/ssh-agent-forwarding.html#fwd@mubix for Hack Fortress imageMr T
  46. 46. Questions?@punkrokk / http://www.syncurity.net Look for writeups of Shmoocon Labs soon on my siteLink to this presentation: http://bit.ly/z5t9aiCheck out the Roc Sec Podcast: http://syncurity.net/?page_id=450 Looking for Episode IdeasBike from Baltimore to Boston in August: www.cycleoverride.orgDefcon Bike Ride: http://bit.ly/z7P8cu

×