SSH is a abbreviation for Secure Shell is a network protocol that allows data-exchange between devices on the network..This is mainly used in linux OS's to access shell accounts , shell commands etc... SSH was mainly designed as a replacement modification to telnet etc..other insecure remote shells which do not use encryption and send passwords/user-names in simple ascii text...Which makes them vulnerable to many attacks...like : suffering passwords etc etc... How does SSH work The client connects to the server via a TCP connection...Like FTP , HTTP etc... Then they send each other their version information and Protocol information... Next the server and client discusses what kind of Encryption , keys , hashes they support.. Now the client sends the server a initialization message that includes the message about the key exchange..and a challenge message... Now all the client does is listens for the server's response about the request which will include the message about the server's key and a challenge value that has been signed by the server's private key... This is done to provide a validation that the packet could only come from the server that sent it.. (This makes the ssh secure from man in the middle attacks) The client then checks the list of known hosts by searching '~/.ssh/known_hosts' file . If the public key is listed , it automatically assumes that the data is valid and the server is trusted..But if the public is not listed here then the user is displayed with a prompt that asks them to verify the finger print... Now both the client and server have enough information needed to create the master key that will encrypt the session and the communication starts.... Thats quite a bit explanation now lets move on to practical example Example Installing ssh :- Code: sudo apt-get install ssh Running :- Code: ssh (server hostname) Other usage can be seen as :- Code: aneesh@aneesh-laptop:~$ ssh --help usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec] [-D [bind_address:]port] [-e escape_char] [-F configfile] [-i identity_file] [-L [bind_address:]port:host:hostport] [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port] [-R [bind_address:]port:host:hostport] [-S ctl_path] [-w local_tun[:remote_tun]] [user@]hostname [command] Installing ssh-server :- Code: aneesh@aneesh-laptop:~$ sudo apt-get install openssh-server Now that we successfully installed the main server... Lets check whether its working or not... This can be checked by :- Code: netstat -tupln Example output :- Code: aneesh@aneesh-laptop:~$ sudo netstat -tupln Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2095/sshd tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1051/cupsd tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 796/pptpd tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 812/mysqld tcp6 0 0 :::80 :::* LISTEN 1142/apache2 tcp6 0 0 :::22 :::* LISTEN 2095/sshd tcp6 0 0 ::1:631 :::* LISTEN 1051/cupsd udp 0 0 0.0.0.0:51810 0.0.0.0:* 634/avahi-daemon: r udp 0 0 0.0.0.0:5353 0.0.0.0:* 634/avahi-daemon: r aneesh@aneesh-laptop:~$ We can see that the sshd server is listening on the port no. 22 on 0.0.0.0 I.e localhost... Note : The other output is about other servers running on my machine as I am running apache etc etc.. Now lets connect to the local ssh-server Code: aneesh@aneesh-laptop:~$ ssh localhost The authenticity of host 'localhost (::1)' can't be established. RSA key fingerprint is 18:ee:8c:7f:4e:bf:0c:3e:7a:e5:78:6f:f7:49:53:b1. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'localhost' (RSA) to the list of known hosts. aneesh@localhost's password: Yes we got the connection .. Now after entering our password we can get the shell Code: aneesh@localhost's password: Linux aneesh-laptop 2.6.32.26+drm33.12-explict-hax0r #2 SMP Fri Jan 7 15:33:24 IST 2011 i686 GNU/Linux Ubuntu 10.04.1 LTS Welcome to Ubuntu! * Documentation: https://help.ubuntu.com/ Last login: Mon Jan 10 16:30:50 2011 aneesh@aneesh-laptop:~$ As we see it just looks like a ordinary shell and provides the same usage... Now lets test some commands :- Code: aneesh@aneesh-laptop:~$ cd / aneesh@aneesh-laptop:/$ ls bin dev initrd.img.old mnt sbin tmp vmlinuz.old boot etc lib opt selinux usr cdrom home lost+found proc srv var desktop initrd.img media root sys vmlinuz aneesh@aneesh-laptop:/$ cd usr aneesh@aneesh-laptop:/usr$ ls bin games include lib lib64 local man sbin share src aneesh@aneesh-laptop:/usr$ cd ../ aneesh@aneesh-laptop:/$ ls bin dev initrd.img.old mnt sbin tmp vmlinuz.old boot etc lib opt selinux usr cdrom home lost+found proc srv var desktop initrd.img media root sys vmlinuz aneesh@aneesh-laptop:/$ cd home aneesh@aneesh-laptop:/home$ ls aneesh aneesh@aneesh-laptop:/home$ cd aneesh/ aneesh@aneesh-laptop:~$ cd articles/ aneesh@aneesh-laptop:~/articles$ ls a.out Bash crackme debugMe hello ASM C crackme.c debugMe.c helloWorld.c aneesh@aneesh-laptop:~/articles$ mkdir SSH aneesh@aneesh-laptop:~/articles$ ls a.out Bash crackme debugMe hello SSH ASM C crackme.c debugMe.c helloWorld.c aneesh@aneesh-laptop:~/articles$ cd SSH aneesh@aneesh-laptop:~/articles/SSH$ ls aneesh@aneesh-laptop:~/articles/SSH$ vi HiIamHere aneesh@aneesh-laptop:~/articles/SSH$ echo "Hello I am using ssh server on my machine ... and its damn exiting..... woooo!!!!!!" > HiIamHere echo "Hello I am using ssh server on my machine ... and its damn exiting..... woooovi HiIamHerevi HiIamHerevi HiIamHere" > HiIamHere aneesh@aneesh-laptop:~/articles/SSH$ ls HiIamHere aneesh@aneesh-laptop:~/articles/SSH$ cat HiIamHere Hello I am using ssh server on my machine ... and its damn exiting..... woooovi HiIamHerevi HiIamHerevi HiIamHere aneesh@aneesh-laptop:~/articles/SSH$ aneesh@aneesh-laptop:~/articles/SSH$ rm HiIamHere aneesh@aneesh-laptop:~/articles/SSH$ ls aneesh@aneesh-laptop:~/articles/SSH$ And remember to close your connection simply use 'exit' as in a normal shell :- Code: aneesh@aneesh-laptop:~/articles/SSH$ exit logout Connection to localhost closed. Thats all about basic ssh you have to know to use it... But stay tuned I may be writing some more articles on ssh encryption and some vulnerabilities it met with...
Re: How SSH works? Examples and Samples Thanks.. But if you really liked it.. Please press thanks button at the bottom of my article...
