Go4Expert

Go4Expert (http://www.go4expert.com/)
-   Unix (http://www.go4expert.com/articles/unix/)
-   -   How SSH works With Examples and Samples (http://www.go4expert.com/articles/ssh-examples-samples-t24817/)

lionaneesh 1Feb2011 08:17

How SSH works With Examples and Samples
 
SSH is a abbreviation for Secure Shell is a network protocol that allows data-exchange between devices on the network..This is mainly used in linux OS's to access shell accounts , shell commands etc... SSH was mainly designed as a replacement modification to telnet etc..other insecure remote shells which do not use encryption and send passwords/user-names in simple ascii text...Which makes them vulnerable to many attacks...like : suffering passwords etc etc...

How does SSH work



The client connects to the server via a TCP connection...Like FTP , HTTP etc...

Then they send each other their version information and Protocol information...

Next the server and client discusses what kind of Encryption , keys , hashes they support..

Now the client sends the server a initialization message that includes the message about the key exchange..and a challenge message...

Now all the client does is listens for the server's response about the request which will include the message about the server's key and a challenge value that has been signed by the server's private key...

This is done to provide a validation that the packet could only come from the server that sent it.. (This makes the ssh secure from man in the middle attacks)

The client then checks the list of known hosts by searching '~/.ssh/known_hosts' file . If the public key is listed , it automatically assumes that the data is valid and the server is trusted..But if the public is not listed here then the user is displayed with a prompt that asks them to verify the finger print...

Now both the client and server have enough information needed to create the master key that will encrypt the session and the communication starts....

Thats quite a bit explanation now lets move on to practical example

Example



Installing ssh :-
Code:

sudo apt-get install ssh
Running :-
Code:

ssh (server hostname)
Other usage can be seen as :-
Code:

aneesh@aneesh-laptop:~$ ssh --help
usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
          [-D [bind_address:]port] [-e escape_char] [-F configfile]
          [-i identity_file] [-L [bind_address:]port:host:hostport]
          [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
          [-R [bind_address:]port:host:hostport] [-S ctl_path]
          [-w local_tun[:remote_tun]] [user@]hostname [command]

Installing ssh-server :-
Code:

aneesh@aneesh-laptop:~$ sudo apt-get install openssh-server
Now that we successfully installed the main server... Lets check whether its working or not...

This can be checked by :-
Code:

netstat -tupln
Example output :-
Code:

aneesh@aneesh-laptop:~$ sudo netstat -tupln

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address          Foreign Address        State      PID/Program name

tcp        0      0 0.0.0.0:22              0.0.0.0:*              LISTEN      2095/sshd     

tcp        0      0 127.0.0.1:631          0.0.0.0:*              LISTEN      1051/cupsd     

tcp        0      0 0.0.0.0:1723            0.0.0.0:*              LISTEN      796/pptpd     

tcp        0      0 127.0.0.1:3306          0.0.0.0:*              LISTEN      812/mysqld     

tcp6      0      0 :::80                  :::*                    LISTEN      1142/apache2   

tcp6      0      0 :::22                  :::*                    LISTEN      2095/sshd     

tcp6      0      0 ::1:631                :::*                    LISTEN      1051/cupsd     

udp        0      0 0.0.0.0:51810          0.0.0.0:*                          634/avahi-daemon: r

udp        0      0 0.0.0.0:5353            0.0.0.0:*                          634/avahi-daemon: r

aneesh@aneesh-laptop:~$

We can see that the sshd server is listening on the port no. 22 on 0.0.0.0 I.e localhost...

Note : The other output is about other servers running on my machine as I am running apache etc etc..

Now lets connect to the local ssh-server
Code:

aneesh@aneesh-laptop:~$ ssh localhost

The authenticity of host 'localhost (::1)' can't be established.

RSA key fingerprint is 18:ee:8c:7f:4e:bf:0c:3e:7a:e5:78:6f:f7:49:53:b1.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'localhost' (RSA) to the list of known hosts.

aneesh@localhost's password:

Yes we got the connection .. Now after entering our password we can get the shell
Code:

aneesh@localhost's password:

Linux aneesh-laptop 2.6.32.26+drm33.12-explict-hax0r #2 SMP Fri Jan 7 15:33:24 IST 2011 i686 GNU/Linux

Ubuntu 10.04.1 LTS

Welcome to Ubuntu!

 * Documentation:  https://help.ubuntu.com/

Last login: Mon Jan 10 16:30:50 2011

aneesh@aneesh-laptop:~$

As we see it just looks like a ordinary shell and provides the same usage...

Now lets test some commands :-
Code:

aneesh@aneesh-laptop:~$ cd /

aneesh@aneesh-laptop:/$ ls

bin      dev        initrd.img.old  mnt  sbin    tmp      vmlinuz.old

boot    etc        lib            opt  selinux  usr

cdrom    home        lost+found      proc  srv      var

desktop  initrd.img  media          root  sys      vmlinuz

aneesh@aneesh-laptop:/$ cd usr

aneesh@aneesh-laptop:/usr$ ls

bin  games  include  lib  lib64  local  man  sbin  share  src

aneesh@aneesh-laptop:/usr$ cd ../

aneesh@aneesh-laptop:/$ ls

bin      dev        initrd.img.old  mnt  sbin    tmp      vmlinuz.old

boot    etc        lib            opt  selinux  usr

cdrom    home        lost+found      proc  srv      var

desktop  initrd.img  media          root  sys      vmlinuz

aneesh@aneesh-laptop:/$ cd home

aneesh@aneesh-laptop:/home$ ls

aneesh

aneesh@aneesh-laptop:/home$ cd aneesh/

aneesh@aneesh-laptop:~$ cd articles/

aneesh@aneesh-laptop:~/articles$ ls

a.out  Bash  crackme    debugMe    hello

ASM    C    crackme.c  debugMe.c  helloWorld.c

aneesh@aneesh-laptop:~/articles$ mkdir SSH

aneesh@aneesh-laptop:~/articles$ ls

a.out  Bash  crackme    debugMe    hello        SSH

ASM    C    crackme.c  debugMe.c  helloWorld.c

aneesh@aneesh-laptop:~/articles$ cd SSH

aneesh@aneesh-laptop:~/articles/SSH$ ls

aneesh@aneesh-laptop:~/articles/SSH$ vi HiIamHere

aneesh@aneesh-laptop:~/articles/SSH$ echo "Hello I am using ssh server on my machine ... and its damn exiting..... woooo!!!!!!" > HiIamHere

echo "Hello I am using ssh server on my machine ... and its damn exiting..... woooovi HiIamHerevi HiIamHerevi HiIamHere" > HiIamHere

aneesh@aneesh-laptop:~/articles/SSH$ ls

HiIamHere

aneesh@aneesh-laptop:~/articles/SSH$ cat HiIamHere

Hello I am using ssh server on my machine ... and its damn exiting..... woooovi HiIamHerevi HiIamHerevi HiIamHere

aneesh@aneesh-laptop:~/articles/SSH$

aneesh@aneesh-laptop:~/articles/SSH$ rm HiIamHere

aneesh@aneesh-laptop:~/articles/SSH$ ls

aneesh@aneesh-laptop:~/articles/SSH$

And remember to close your connection simply use 'exit' as in a normal shell :-
Code:

aneesh@aneesh-laptop:~/articles/SSH$ exit

logout

Connection to localhost closed.

Thats all about basic ssh you have to know to use it...

But stay tuned I may be writing some more articles on ssh encryption and some vulnerabilities it met with...

lionaneesh 2Feb2011 11:50

Re: How SSH works? Examples and Samples
 
Shabbir , Thanks for accepting..
And guyz please comment..

kumarmannu 16Feb2011 14:37

Re: How SSH works? Examples and Samples
 
Great information thanks.........

lionaneesh 16Feb2011 19:29

Re: How SSH works? Examples and Samples
 
Quote:

Originally Posted by kumarmannu (Post 79381)
Great information thanks.........

My Pleasure...

seangtz 21Feb2011 10:47

Re: How SSH works? Examples and Samples
 
This time also a greattttttttt information!!!!!

lionaneesh 21Feb2011 11:17

Re: How SSH works? Examples and Samples
 
Quote:

Originally Posted by seangtz (Post 79637)
This time also a greattttttttt information!!!!!

Thanks..

But if you really liked it..
Please press thanks button at the bottom of my article...


All times are GMT +5.5. The time now is 09:36.