How does ssh authenticate, What does ssh protect against, On p – Lantronix Data Center-Grade Evolution Device Server EDS32PR User Manual
Page 143
C: Networking and Security
EDS Device Servers User Guide
143
Certificate provides the receiver with a way to encode a reply. Digital Certificates come in
40-bit and 128-bit versions.
There are two principal ways that a Digital Certificate can be obtained. It can be bought
from a certificate vendor or a user can "self-sign" his or her own certificate. With the latter
method, a user can use various tools, both open source and proprietary, to sign his or her
own Digital Certificate, saving the time and expense of going through a certificate vendor.
SSH
Like SSL, Secure Shell (SSH) is a protocol that provides secure encrypted
communications over unsecured TCP/IP networks such as the Internet. SSH allows for
secure access to remote systems, eliminating potential security breaches such as
spoofing and eavesdropping or hijacking of sessions. However, SSH differs significantly
from SSL and, in fact, cannot communicate with SSL. The two are different protocols,
though they have some overlap in how they accomplish similar goals.
How Does SSH Authenticate?
SSH authenticates using one or more of the following:
Password (the /etc/passwd or /etc/shadow in UNIX)
User public key (RSA or DSA, depending on the release)
Hostbased (.rhosts or /etc/hosts.equiv in SSH1 or public key in SSH2)
What Does SSH Protect Against?
SSH provides strong authentication and secure communications over insecure channels.
It also provides secure connections that protect a network from attacks such as:
IP spoofing, where a remote host sends packets that pretend to originate from
another, trusted host. SSH even protects against a spoofer on the local network
that is pretending to be a router to the outside.
IP source routing, where a host pretends that an IP packet comes from another,
trusted host.
DNS spoofing, where an attacker forges name server records.
Interception of cleartext passwords and other data by intermediate hosts.
Manipulation of data by people in control of intermediate hosts.
Attacks based on listening to authentication data and spoofed connections to the
server.