Contents


Acknowledgments xv

About the Author xvii

Introduction xix

Part 1 SSH Basics 1

Chapter 1 Overview of SSH 3

Differences between SSH1 and SSH2 4

Various Uses of SSH 5

Security 5

Remote Command Line Execution 7

Remote File Transfer 8

Remote Network Access 10

Secure Management 10

Proxy Services 11

Client/Server Architecture for SSH 12

SSH’s Encryption Architecture 13

Basic Miscues with SSH 14

Types of SSH Clients/Servers 14

Basic Setup of SSH 15

OpenSSH 16

Red Hat Linux 8.0 16

OpenBSD 3.1 18

Windows 2000 Server 19

Commercial SSH 23

OpenBSD 3.1 and Red Hat Linux 8.0 23

Windows 2000 24

VShell SSH Server 27

Optimal Uses of SSH 29

Summary 30


Chapter 2 SSH Servers 31

OpenSSH 32

SSH Communications’ SSH server 39

SSH Communications’ SSH Server: Unix 39

General 40

Network 40

Crypto 42

Users 43

User Public Key Authentication 44

Tunneling 46

Authentication 46

Host Restrictions 47

Users Restrictions 48

SSH1 Compatibility 49

Chrooted Environment 50

Subsystem Definitions 50

SSH Communications’ SSH server: Windows 51

General Settings 52

Network Settings 54

Crypto Settings 56

Users Settings 57

Server Public Key Configuration 60

Server Certificate Configurations 61

Tunneling Configurations 62

Authentication Methods 63

Host Restrictions 64

User Restrictions 65

Subsystem Definitions 67

VanDyke Software’s VShell SSH Server 69

General Settings 69

General–Host Key 70

General–Key Exchanges 71

General–Cipher 72

General–MAC 73

General–Compression 74

Authentication 75

Access Control 77

SFTP Section 78

Triggers 79

Connection Filters 80

Port-Forward Filters 81

Logging 83

Comparison of OpenSSH, SSH Server, and VShell 84

Summary 85


Chapter 3 Secure Shell Clients 87

Command-Line SSH Clients 88

Windows Installation 89

Unix Installation 89

SSH Client Configuration File 94

General 95

Network 95

Crypto 96

User Public Key Authentication 96

Tunneling 97

SSH1 Compatibility 97

Authentication 98

GUI SSH Clients 98

Windows Installation 98

SSH Communications 99

Profile Settings 100

Global Settings 101

VanDyke Software’s SecureCRT 104

PuTTY 110

WinSCP 112

MindTerm 113

MacSSH 116

Summary 116

Chapter 4 Authentication 117

General Options 118

SSH Communications’ SSH Server (Windows) 118

SSH Communications’ SSH Server (Unix) 120

VShell SSH Server 121

OpenSSH (Unix and Windows) 122

Passwords 123

Host-Based Authentication 127

Server Authentication 129

Public Keys 131

Creating Keys with OpenSSH 134

How to Use an OpenSSH Key on an OpenSSH Server 135

How to Use an OpenSSH Key on SSH Communications’ SSH Server 136

How to Use an OpenSSH Key on a VShell SSH Server 137

Creating Keys with SSH Communications’ SSH Client (Unix and Windows Command Line) 138

How to Use SSH Client Keys with SSH Communications’ SSH Server 139

How to Use SSH Client Keys with an OpenSSH Server 140

How to Use SSH Client Keys with a VShell SSH Server 140

Creating Keys with SSH Communications (Windows GUI) 142

How to Upload an SSH Client Key Pair to SSH Communications’ SSH Server 144

How to Upload an SSH Client Key Pair to an OpenSSH Server 145

How to Upload an SSH Client Key Pair to a VShell SSH Server 147

Creating Keys with VanDyke SecureCRT 148

VShell SSH Server 149

OpenSSH 150

SSH Communications’ SSH Server 151

SSH Agents 152

Summary 153

Chapter 5 SSH Management 155

Network Devices 156

Cisco Routers 157

Cisco Switches 160

Cisco VPN Concentrator 160

Cisco PIX Firewalls 162

Network Appliance Filers 163

Secure Management 164

Management Servers 165

Two-Factor Authentication 167

SOCKS Management 169

SSH: User Restrictions 172

Chroot 172

User Access Controls 173

SSH User Restrictions 175

SSH: Network Access Controls 177

SSH TCP wrappers 177

SSH Connection Filters 179

SSH Host Restrictions 181

Summary 183

Part 2 Remote Access Solutions 185

Chapter 6 SSH Port Forwarding 187

Networking Basics of Port Forwarding for Clients 193

Networking Basics of Port Forwarding for Servers 200

SSH Port Forwarding 201

Local Port Forwarding for SSH Clients 205

Configuration for Command-Line Clients 205

Configuration for SSH Communications’ GUI SSH Client 207

Configuration for VanDyke Software’s SecureCRT 209

Configuration for PuTTY 211

Remote Port Forwarding for SSH Clients 213

Configuration for OpenSSH Client (Unix and Windows) 213

Configuration for SSH Communications’ GUI SSH Client (Windows) 214

Configuration for VanDyke Software’s SecureCRT 215

Port Forwarding for SSH Servers 217

Configuration for OpenSSH Server (Unix and Windows) 217

Configuration for SSH Communications’ SSH Server (Unix) 217

Configuration for SSH Communications’ SSH Server (Windows) 220

Configuration for VanDyke Software’s VShell SSH Server 222

Advantages to SSH Port Forwarding 225

Summary 226

Chapter 7 Secure Remote Access 229

Secure E-mail with SSH 230

Setting Up the SSH Server 232

Setting Up the SSH Client 232

Setting Up the E-mail Client 234

Executing Secure E-mail 237

Secure File Transfer (SMB and NFS) with SSH 238

Setting Up the SSH Server 241

Setting Up the SSH Client 241

Setting Up the File Server Clients 243

Executing Secure File Transfer 243

Secure File Sharing with SMB and SSH 244

Secure File Sharing with NFS and SSH 245

Secure Management with SSH 246

Setting Up the SSH Server 248

Setting Up the SSH Client 249

Setting Up the Management Clients 252

Executing Secure Management 252

Secure Management with Windows Terminal Services and SSH 253

Secure Management with VNC and SSH 255

Secure Management with pcAnywhere and SSH 257

Secure VPN with SSH (PPP over SSH) 259

PPP Daemon on the Server 260

VPN User and Sudo 261

Client Script 261

Summary 264

Part 3 Protocol Replacement 267

Chapter 8 SSH Versatility 269

Terminal Access 270

Compromising a System with Remote Shell (RSH) 271

Compromising a System with Remote Login (Rlogin) 272

Compromising a System with Remote Execution (Rexec) 273

Why Access via SSH Is Better 274


File Transfer with Secure File Transfer Protocol (SFTP) 276

SFTP with the OpenSSH SFTP Server 277

Using OpenSSH for Management Purposes 277

Using OpenSSH for File Sharing 278

Authorizing Users with OpenSSH 279

OpenSSH on Windows and Cygdrive 280

SFTP with VanDyke Software VShell 281

Using VShell for Management Purposes 281

Using VShell for File Sharing 282

Authorizing Users with VShell 287

SFTP with SSH Communications’ SSH Server 287

Using SSH Communications’ SSH Server for Management Purposes 288

Using SSH Communications’ SSH Server for File Sharing 289

Authorizing Users with SSH Communications’ SSH Server 292

Comparison of the Three SFTP Solutions 292

Secure Chat 293

Secure Backups 297

Summary 299

Chapter 9 Proxy Technologies in a Secure Web Environment 301

SSH and SOCKS 302

Dynamic Port Forwarding and SOCKS 310

Secure Web Browsing with SSH 314

SSH via HTTP Proxies 321

Securing Wireless Networks with SSH 323

Securing Wireless with SSH and HTTP Proxies 324

Securing Wireless with SSH and Dynamic Port Forwarding 325

Summary 326

Chapter 10 SSH Case Studies 329

Case Study #1: Secure Remote Access 330

The Problem Situation 330

Business Requirements 330

Configuration 334

SSH Client Configuration 334

SSH Server Configuration 339

Results Checklist 343

Case Study #2: Secure Wireless Connectivity 344

The Problem 344

Business Requirements 344

Configuration 347

SSH Client Configuration 347

SSH Server Configuration 350

Results Checklist 351

Case Study #3: Secure File Servers 353

The Problem 353

Business Requirements 353

Configuration 354

SSH Server Configuration 354

SSH Client Configuration 356

Results Checklist 357

Summary 358

Epilogue 359

Index 361
