SlideShare uma empresa Scribd logo

How to increase security with SSH

Vitalii Sharavara
Vitalii Sharavara

This presentation describes how to connect to the remote servers and authenticate with security keys instead of login/password

Tecnologia
1 de 10
Baixar para ler offline
SSH HOW TO INCREASE SECURITY Vitalii Sharavara
WHAT IS SSH SECURE SHELL ▸ Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. The best known example application is for remote login to computer systems by users. ▸ SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2.
THE SSH PROTOCOL An SSH key is an access credential in the SSH protocol. Its function is similar to that of user names and passwords, but the keys are primarily used for automated processes and for implementing single sign- on by system administrators and power users.
SSH HOW TO CREATE A KEY PAIR ▸ The simplest way to generate a key pair is to run ssh-keygen without arguments. In this case, it will prompt for the file in which to store keys. Here's an example: vsbook (11:39) ~>ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/vitalii/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/vitalii/.ssh/id_rsa. Your public key has been saved in /home/vitalii/.ssh/id_rsa.pub. The key fingerprint is: SHA256:Up6KjbnEV4Hgfo75YM393QdQsK3Z0aTNBz0DoirrW+c vitalii@vsbook The key's randomart image is: +---[RSA 2048]----+ | . ..oo..| | . . . . .o.X.| | . . o. ..+ B| | . o.o .+ ..| | ..o.S o.. | | . %o= . | | @.B... . | | o.=. o. . . .| | .oo E. . .. | +----[SHA256]-----+ vsbook (11:40) ~>
SSH HOW TO CHANGE THE PASSWORD OF “ID_RSA” FILE ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
 
 
 -P passphrase Provides the (old) passphrase.     -p Requests changing the passphrase of a private key file instead of creating a new private key. The program will prompt for the file containing the private key, for the old passphrase, and twice for the new passphrase. Example: ssh-keygen -p -f ~/.ssh/knowledge_base_key -P "oldpass" -N “newpass"
SSH HOW COPY THE KEY TO A SERVER ssh-copy-id -i ~/.ssh/id_rsa devops@devops.deltavn.vn “AUTHORIZED_KEYS” The authorized_keys file in SSH specifies the SSH keys that can be used for logging into the user account for which the file is configured. SSH-RSA AAAAB3NZAC1YC2EAAAABIWAAAIEA0KJDLOIIXJ9XDMXICT9KVAKFUXFQI+CIIKLAN5HHSNGYOU7TIJQYONEU5FONLOAO/ CSHLA+KUARGYTRTIZWCP4TPCTXZHHJRM0GUDJRAGW7SMVIS/5XJBGAYHKJ1YUMGO7+NJTMSCLX6PFOLQYVEURIIVVCCZERGCLH+UTSXK3Z+L7HX9NIDG3/ YLOLC3F3SLXRJKN0GMTGK7BHJFXO4PGUUPJWZLVDUDX+XKIQTT2N4ISYS6N9QVFG3ZUGNLEJZM47NK/YTAC0MAX98PK+QNZSUAQOO/ ISHJ1TOW5WWSCFLPARVJ2AYROQAE7CFQG7Q12I9OLASFD3U5NAZFZCTYAVWA1KZ9UZEWLJ1BR1XOKPQOLEMM8KCP/PXZZ8H0KISKMIJI0/ QUIZOPEBSKLSZXJLALCXR8MG1UIZVWY48I9JHEYXYJ1TOCJ6CPSCPGFHP3DAGSLKKBE1EFAVFEEYGANHESLNDDG3GQ5XSSB9OKQM3V5T8GPFAJBV68BXQ4BK6HJ21A3CINV4LD V3HR/OBUBDG2ECI+ZKRDJLPJUU4YU= VITALII@FECREDIT.COM.VN SSH-RSA AAAAB3NZAC1YC2EAAAABIWAAAIEAYWWHRWQ4FJHT+UUWZCZEPXTJTZOENFPOJUFYCAYSO2NTLZNWNAQEQRFBQSUXKVTOTGXGAPIKUVJRIJNBDJE6IOZVBXZHHJRM0GUDJRAG W7SMVIS/5XJBGAYHKJ1YUMGO7+NJTMSCLX6PFOLQYVEURIIVVCCZERGCLH+UTSXK3Z+L7HX9NIDG3/ YLOLC3F3SLXRJKN0GMTGK7BHJFXO4PGUUPJWZLVDUDX+XKIQTT2N4ISYS6N9QVFG3ZUGNLEJZM47NK/YTAC0MAX98PK+QNZSUAQOO/ ISHJ1TOW5WWSCFLPARVJ2AYROQAE7CFQG7Q12I9OLASFD3U5NAZFZCTYAVWA1KZ9UZEWLJ1BR1XOKPQOLEMM8KCP/PXZZ8H0KISKMIJI0/ QUIZOPEBSKLSZXJLALCXR8MG1UIZVWY48I9JHEYXYJ1TOCJ6CPSCPGFHP3DAGSLKKBE1EFAVFEEYGANHESUXC9WKSEFZCEYMJ+RGJXMKBXNZMYYCBWSSQAEGJPMEUDLWZU2 GD0OBBZ0HXQG9J1XALLOP5AVDKFESZZCC= SHARAVARA@FECREDIT.COM.VN
SUMMARY How to create a new id_rsa file ssh-keygen -t rsa -b 4096 -C "iaroslav.kupriianov@fecredit.com.vn" -f iaroslav.kupriianov_id_rsa How to check key identity ssh-keygen -l -i iaroslav.kupriianov_id_rsa How to change the password ssh-keygen -p -f iaroslav.kupriianov_id_rsa -P "12345678" -N "12345" How to upload pulic key to the server ssh-copy-id -i iaroslav.kupriianov_id_rsa.pub devops@devops01.deltavn.vn How to connect to the server ssh -i iaroslav.kupriianov_id_rsa devops@devops01.deltavn.vn
USE SSH KEYS WITH PUTTY ON WINDOWS USE EXISTING PUBLIC AND PRIVATE KEYS Launch PuTTYgen from the Windows Programs list 1. Click Conversions from the PuTTY Key Generator menu and select Import key. 2. Navigate to the OpenSSH private key and click Open. 3. Under Actions / Save the generated key, select Save private key. 4. Choose an optional passphrase to protect the private key. 5. Save the private key to the desktop as id_rsa.ppk.
USE SSH KEYS WITH PUTTY ON WINDOWS CONNECT TO SERVER WITH PRIVATE KEY 1. Enter the remote server Host Name or IP address under Session. 2. Navigate to Connection > SSH > Auth. 3. Click Browse... under Authentication parameters / Private key file for authentication. 4. Locate the id_rsa.ppk private key and click Open. 5. Finally, click Open again to log into the remote server with key pair authentication.
FILEZILLA SFTP SETTINGS

Recomendados

SSH
SSHSSH
SSHZach Dennis
 
Ssh
SshSsh
SshRaghu nath
 
OpenSSH tricks
OpenSSH tricksOpenSSH tricks
OpenSSH tricksAssem CHELLI
 
SSH - Secure Shell
SSH - Secure ShellSSH - Secure Shell
SSH - Secure ShellPeter R. Egli
 
FLOSS UK DEVOPS Spring 2015 Enhancing ssh config
FLOSS UK DEVOPS Spring 2015 Enhancing ssh configFLOSS UK DEVOPS Spring 2015 Enhancing ssh config
FLOSS UK DEVOPS Spring 2015 Enhancing ssh configdmp1304
 
Ssh that wonderful thing
Ssh that wonderful thingSsh that wonderful thing
Ssh that wonderful thingMarc Cluet
 
Secure SHell
Secure SHellSecure SHell
Secure SHellÇağrı Çakır
 
Secure Shell(ssh)
Secure Shell(ssh)Secure Shell(ssh)
Secure Shell(ssh)Pina Parmar
 

Recomendados

SSH
SSHSSH
SSHZach Dennis
 
Ssh
SshSsh
SshRaghu nath
 
OpenSSH tricks
OpenSSH tricksOpenSSH tricks
OpenSSH tricksAssem CHELLI
 
SSH - Secure Shell
SSH - Secure ShellSSH - Secure Shell
SSH - Secure ShellPeter R. Egli
 
FLOSS UK DEVOPS Spring 2015 Enhancing ssh config
FLOSS UK DEVOPS Spring 2015 Enhancing ssh configFLOSS UK DEVOPS Spring 2015 Enhancing ssh config
FLOSS UK DEVOPS Spring 2015 Enhancing ssh configdmp1304
 
Ssh that wonderful thing
Ssh that wonderful thingSsh that wonderful thing
Ssh that wonderful thingMarc Cluet
 
Secure SHell
Secure SHellSecure SHell
Secure SHellÇağrı Çakır
 
Secure Shell(ssh)
Secure Shell(ssh)Secure Shell(ssh)
Secure Shell(ssh)Pina Parmar
 
Secure shell protocol
Secure shell protocolSecure shell protocol
Secure shell protocolBaspally Sai Anirudh
 
Introduction to SSH & PGP
Introduction to SSH & PGPIntroduction to SSH & PGP
Introduction to SSH & PGPSarang Ananda Rao
 
Secure shell
Secure shellSecure shell
Secure shellArjun Aj
 
Ssh And Rlogin
Ssh And RloginSsh And Rlogin
Ssh And RloginSourav Roy
 
An introduction to SSH
An introduction to SSHAn introduction to SSH
An introduction to SSHnussbauml
 
Introduction to SSH
Introduction to SSHIntroduction to SSH
Introduction to SSHHemant Shah
 
Intro to SSH
Intro to SSHIntro to SSH
Intro to SSHJP Bourget
 
Securing the tunnel with Raccoon
Securing the tunnel with RaccoonSecuring the tunnel with Raccoon
Securing the tunnel with RaccoonGloria Stoilova
 
Understanding ssh
Understanding sshUnderstanding ssh
Understanding sshMomita Chowdhury
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)Mehedi Farazi
 
OpenSSH: keep your secrets safe
OpenSSH: keep your secrets safeOpenSSH: keep your secrets safe
OpenSSH: keep your secrets safeGiovanni Bechis
 
OpenSMTPD: we deliver !!
OpenSMTPD: we deliver !!OpenSMTPD: we deliver !!
OpenSMTPD: we deliver !!Giovanni Bechis
 
Ssh
SshSsh
Sshgh02
 
Ost ssl lec
Ost ssl lecOst ssl lec
Ost ssl lecKaustubh Joshi
 
Packet Inspection on ASA
Packet Inspection on ASAPacket Inspection on ASA
Packet Inspection on ASAPratik Bhide
 
Windowshadoop
WindowshadoopWindowshadoop
Windowshadooparunkumar sadhasivam
 
Basic Security in Routing and Switching
Basic Security in Routing and SwitchingBasic Security in Routing and Switching
Basic Security in Routing and SwitchingReza Farahani
 
Importance of SSHFP for Network Devices
Importance of SSHFP for Network DevicesImportance of SSHFP for Network Devices
Importance of SSHFP for Network DevicesAPNIC
 
Importance of sshfp and configuring sshfp for network devices
Importance of sshfp and configuring sshfp for network devicesImportance of sshfp and configuring sshfp for network devices
Importance of sshfp and configuring sshfp for network devicesMuhammad Moinur Rahman
 
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption Toolkit
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption ToolkitBlack Hat Europe 2017. DPAPI and DPAPI-NG: Decryption Toolkit
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption ToolkitPaula Januszkiewicz
 
SSH.pdf
SSH.pdfSSH.pdf
SSH.pdfAnisSalhi3
 
SSH how to 2011
SSH how to 2011SSH how to 2011
SSH how to 2011Chris Hales
 

Mais conteúdo relacionado

Mais procurados

Secure shell
Secure shellSecure shell
Secure shellArjun Aj
 
Ssh And Rlogin
Ssh And RloginSsh And Rlogin
Ssh And RloginSourav Roy
 
An introduction to SSH
An introduction to SSHAn introduction to SSH
An introduction to SSHnussbauml
 
Introduction to SSH
Introduction to SSHIntroduction to SSH
Introduction to SSHHemant Shah
 
Securing the tunnel with Raccoon
Securing the tunnel with RaccoonSecuring the tunnel with Raccoon
Securing the tunnel with RaccoonGloria Stoilova
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)Mehedi Farazi
 
OpenSSH: keep your secrets safe
OpenSSH: keep your secrets safeOpenSSH: keep your secrets safe
OpenSSH: keep your secrets safeGiovanni Bechis
 
OpenSMTPD: we deliver !!
OpenSMTPD: we deliver !!OpenSMTPD: we deliver !!
OpenSMTPD: we deliver !!Giovanni Bechis
 
Ssh
SshSsh
Sshgh02
 
Packet Inspection on ASA
Packet Inspection on ASAPacket Inspection on ASA
Packet Inspection on ASAPratik Bhide
 
Basic Security in Routing and Switching
Basic Security in Routing and SwitchingBasic Security in Routing and Switching
Basic Security in Routing and SwitchingReza Farahani
 
Importance of SSHFP for Network Devices
Importance of SSHFP for Network DevicesImportance of SSHFP for Network Devices
Importance of SSHFP for Network DevicesAPNIC
 
Importance of sshfp and configuring sshfp for network devices
Importance of sshfp and configuring sshfp for network devicesImportance of sshfp and configuring sshfp for network devices
Importance of sshfp and configuring sshfp for network devicesMuhammad Moinur Rahman
 
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption Toolkit
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption ToolkitBlack Hat Europe 2017. DPAPI and DPAPI-NG: Decryption Toolkit
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption ToolkitPaula Januszkiewicz
 

Mais procurados (20)

Secure shell protocol
Secure shell protocolSecure shell protocol
Secure shell protocol
 
Introduction to SSH & PGP
Introduction to SSH & PGPIntroduction to SSH & PGP
Introduction to SSH & PGP
 
Secure shell
Secure shellSecure shell
Secure shell
 
Ssh And Rlogin
Ssh And RloginSsh And Rlogin
Ssh And Rlogin
 
An introduction to SSH
An introduction to SSHAn introduction to SSH
An introduction to SSH
 
Introduction to SSH
Introduction to SSHIntroduction to SSH
Introduction to SSH
 
Intro to SSH
Intro to SSHIntro to SSH
Intro to SSH
 
Securing the tunnel with Raccoon
Securing the tunnel with RaccoonSecuring the tunnel with Raccoon
Securing the tunnel with Raccoon
 
Understanding ssh
Understanding sshUnderstanding ssh
Understanding ssh
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)
 
OpenSSH: keep your secrets safe
OpenSSH: keep your secrets safeOpenSSH: keep your secrets safe
OpenSSH: keep your secrets safe
 
OpenSMTPD: we deliver !!
OpenSMTPD: we deliver !!OpenSMTPD: we deliver !!
OpenSMTPD: we deliver !!
 
Ssh
SshSsh
Ssh
 
Ost ssl lec
Ost ssl lecOst ssl lec
Ost ssl lec
 
Packet Inspection on ASA
Packet Inspection on ASAPacket Inspection on ASA
Packet Inspection on ASA
 
Windowshadoop
WindowshadoopWindowshadoop
Windowshadoop
 
Basic Security in Routing and Switching
Basic Security in Routing and SwitchingBasic Security in Routing and Switching
Basic Security in Routing and Switching
 
Importance of SSHFP for Network Devices
Importance of SSHFP for Network DevicesImportance of SSHFP for Network Devices
Importance of SSHFP for Network Devices
 
Importance of sshfp and configuring sshfp for network devices
Importance of sshfp and configuring sshfp for network devicesImportance of sshfp and configuring sshfp for network devices
Importance of sshfp and configuring sshfp for network devices
 
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption Toolkit
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption ToolkitBlack Hat Europe 2017. DPAPI and DPAPI-NG: Decryption Toolkit
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption Toolkit
 

Semelhante a How to increase security with SSH

How To Setup SSH Keys on CentOS 7
How To Setup SSH Keys on CentOS 7How To Setup SSH Keys on CentOS 7
How To Setup SSH Keys on CentOS 7VCP Muthukrishna
 
SSH Key Management
SSH Key ManagementSSH Key Management
SSH Key ManagementFox Pass
 
Creating SSH Key.pptx
Creating SSH Key.pptxCreating SSH Key.pptx
Creating SSH Key.pptxSaumya876452
 
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform Enviornment
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform EnviornmentNagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform Enviornment
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform EnviornmentNagios
 
Discuss what is SSH and the advantages and disadvantages of using it.pdf
Discuss what is SSH and the advantages and disadvantages of using it.pdfDiscuss what is SSH and the advantages and disadvantages of using it.pdf
Discuss what is SSH and the advantages and disadvantages of using it.pdfinfo309708
 
SSH for pen-testers
SSH for pen-testersSSH for pen-testers
SSH for pen-testersE D Williams
 
How to set up ssh keys on ubuntu
How to set up ssh keys on ubuntuHow to set up ssh keys on ubuntu
How to set up ssh keys on ubuntucollegeinit
 
Open ssh cheet sheat
Open ssh cheet sheatOpen ssh cheet sheat
Open ssh cheet sheatPiyush Mittal
 
Presentation nix
Presentation nixPresentation nix
Presentation nixfangjiafu
 
Presentation nix
Presentation nixPresentation nix
Presentation nixfangjiafu
 
0696-ssh-the-secure-shell.pdf
0696-ssh-the-secure-shell.pdf0696-ssh-the-secure-shell.pdf
0696-ssh-the-secure-shell.pdfAnasElbaz
 

Semelhante a How to increase security with SSH (20)

SSH.pdf
SSH.pdfSSH.pdf
SSH.pdf
 
SSH how to 2011
SSH how to 2011SSH how to 2011
SSH how to 2011
 
How To Setup SSH Keys on CentOS 7
How To Setup SSH Keys on CentOS 7How To Setup SSH Keys on CentOS 7
How To Setup SSH Keys on CentOS 7
 
SSH Key Management
SSH Key ManagementSSH Key Management
SSH Key Management
 
SSh_part_1.pptx
SSh_part_1.pptxSSh_part_1.pptx
SSh_part_1.pptx
 
Creating SSH Key.pptx
Creating SSH Key.pptxCreating SSH Key.pptx
Creating SSH Key.pptx
 
Cent os 5 ssh
Cent os 5 sshCent os 5 ssh
Cent os 5 ssh
 
Ssh cookbook v2
Ssh cookbook v2Ssh cookbook v2
Ssh cookbook v2
 
Ssh cookbook
Ssh cookbookSsh cookbook
Ssh cookbook
 
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform Enviornment
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform EnviornmentNagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform Enviornment
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform Enviornment
 
Discuss what is SSH and the advantages and disadvantages of using it.pdf
Discuss what is SSH and the advantages and disadvantages of using it.pdfDiscuss what is SSH and the advantages and disadvantages of using it.pdf
Discuss what is SSH and the advantages and disadvantages of using it.pdf
 
Rhel5
Rhel5Rhel5
Rhel5
 
SSH for pen-testers
SSH for pen-testersSSH for pen-testers
SSH for pen-testers
 
How to set up ssh keys on ubuntu
How to set up ssh keys on ubuntuHow to set up ssh keys on ubuntu
How to set up ssh keys on ubuntu
 
Open ssh cheet sheat
Open ssh cheet sheatOpen ssh cheet sheat
Open ssh cheet sheat
 
Logging remotely open ssh
Logging remotely open sshLogging remotely open ssh
Logging remotely open ssh
 
Presentation nix
Presentation nixPresentation nix
Presentation nix
 
Presentation nix
Presentation nixPresentation nix
Presentation nix
 
Ssh tunnel
Ssh tunnelSsh tunnel
Ssh tunnel
 
0696-ssh-the-secure-shell.pdf
0696-ssh-the-secure-shell.pdf0696-ssh-the-secure-shell.pdf
0696-ssh-the-secure-shell.pdf
 

Último

Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 

Último (20)

Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 

How to increase security with SSH

  • 1. SSH HOW TO INCREASE SECURITY Vitalii Sharavara
  • 2. WHAT IS SSH SECURE SHELL ▸ Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. The best known example application is for remote login to computer systems by users. ▸ SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2.
  • 3. THE SSH PROTOCOL An SSH key is an access credential in the SSH protocol. Its function is similar to that of user names and passwords, but the keys are primarily used for automated processes and for implementing single sign- on by system administrators and power users.
  • 4. SSH HOW TO CREATE A KEY PAIR ▸ The simplest way to generate a key pair is to run ssh-keygen without arguments. In this case, it will prompt for the file in which to store keys. Here's an example: vsbook (11:39) ~>ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/vitalii/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/vitalii/.ssh/id_rsa. Your public key has been saved in /home/vitalii/.ssh/id_rsa.pub. The key fingerprint is: SHA256:Up6KjbnEV4Hgfo75YM393QdQsK3Z0aTNBz0DoirrW+c vitalii@vsbook The key's randomart image is: +---[RSA 2048]----+ | . ..oo..| | . . . . .o.X.| | . . o. ..+ B| | . o.o .+ ..| | ..o.S o.. | | . %o= . | | @.B... . | | o.=. o. . . .| | .oo E. . .. | +----[SHA256]-----+ vsbook (11:40) ~>
  • 5. SSH HOW TO CHANGE THE PASSWORD OF “ID_RSA” FILE ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
 
 
 -P passphrase Provides the (old) passphrase.     -p Requests changing the passphrase of a private key file instead of creating a new private key. The program will prompt for the file containing the private key, for the old passphrase, and twice for the new passphrase. Example: ssh-keygen -p -f ~/.ssh/knowledge_base_key -P "oldpass" -N “newpass"
  • 6. SSH HOW COPY THE KEY TO A SERVER ssh-copy-id -i ~/.ssh/id_rsa devops@devops.deltavn.vn “AUTHORIZED_KEYS” The authorized_keys file in SSH specifies the SSH keys that can be used for logging into the user account for which the file is configured. SSH-RSA AAAAB3NZAC1YC2EAAAABIWAAAIEA0KJDLOIIXJ9XDMXICT9KVAKFUXFQI+CIIKLAN5HHSNGYOU7TIJQYONEU5FONLOAO/ CSHLA+KUARGYTRTIZWCP4TPCTXZHHJRM0GUDJRAGW7SMVIS/5XJBGAYHKJ1YUMGO7+NJTMSCLX6PFOLQYVEURIIVVCCZERGCLH+UTSXK3Z+L7HX9NIDG3/ YLOLC3F3SLXRJKN0GMTGK7BHJFXO4PGUUPJWZLVDUDX+XKIQTT2N4ISYS6N9QVFG3ZUGNLEJZM47NK/YTAC0MAX98PK+QNZSUAQOO/ ISHJ1TOW5WWSCFLPARVJ2AYROQAE7CFQG7Q12I9OLASFD3U5NAZFZCTYAVWA1KZ9UZEWLJ1BR1XOKPQOLEMM8KCP/PXZZ8H0KISKMIJI0/ QUIZOPEBSKLSZXJLALCXR8MG1UIZVWY48I9JHEYXYJ1TOCJ6CPSCPGFHP3DAGSLKKBE1EFAVFEEYGANHESLNDDG3GQ5XSSB9OKQM3V5T8GPFAJBV68BXQ4BK6HJ21A3CINV4LD V3HR/OBUBDG2ECI+ZKRDJLPJUU4YU= VITALII@FECREDIT.COM.VN SSH-RSA AAAAB3NZAC1YC2EAAAABIWAAAIEAYWWHRWQ4FJHT+UUWZCZEPXTJTZOENFPOJUFYCAYSO2NTLZNWNAQEQRFBQSUXKVTOTGXGAPIKUVJRIJNBDJE6IOZVBXZHHJRM0GUDJRAG W7SMVIS/5XJBGAYHKJ1YUMGO7+NJTMSCLX6PFOLQYVEURIIVVCCZERGCLH+UTSXK3Z+L7HX9NIDG3/ YLOLC3F3SLXRJKN0GMTGK7BHJFXO4PGUUPJWZLVDUDX+XKIQTT2N4ISYS6N9QVFG3ZUGNLEJZM47NK/YTAC0MAX98PK+QNZSUAQOO/ ISHJ1TOW5WWSCFLPARVJ2AYROQAE7CFQG7Q12I9OLASFD3U5NAZFZCTYAVWA1KZ9UZEWLJ1BR1XOKPQOLEMM8KCP/PXZZ8H0KISKMIJI0/ QUIZOPEBSKLSZXJLALCXR8MG1UIZVWY48I9JHEYXYJ1TOCJ6CPSCPGFHP3DAGSLKKBE1EFAVFEEYGANHESUXC9WKSEFZCEYMJ+RGJXMKBXNZMYYCBWSSQAEGJPMEUDLWZU2 GD0OBBZ0HXQG9J1XALLOP5AVDKFESZZCC= SHARAVARA@FECREDIT.COM.VN
  • 7. SUMMARY How to create a new id_rsa file ssh-keygen -t rsa -b 4096 -C "iaroslav.kupriianov@fecredit.com.vn" -f iaroslav.kupriianov_id_rsa How to check key identity ssh-keygen -l -i iaroslav.kupriianov_id_rsa How to change the password ssh-keygen -p -f iaroslav.kupriianov_id_rsa -P "12345678" -N "12345" How to upload pulic key to the server ssh-copy-id -i iaroslav.kupriianov_id_rsa.pub devops@devops01.deltavn.vn How to connect to the server ssh -i iaroslav.kupriianov_id_rsa devops@devops01.deltavn.vn
  • 8. USE SSH KEYS WITH PUTTY ON WINDOWS USE EXISTING PUBLIC AND PRIVATE KEYS Launch PuTTYgen from the Windows Programs list 1. Click Conversions from the PuTTY Key Generator menu and select Import key. 2. Navigate to the OpenSSH private key and click Open. 3. Under Actions / Save the generated key, select Save private key. 4. Choose an optional passphrase to protect the private key. 5. Save the private key to the desktop as id_rsa.ppk.
  • 9. USE SSH KEYS WITH PUTTY ON WINDOWS CONNECT TO SERVER WITH PRIVATE KEY 1. Enter the remote server Host Name or IP address under Session. 2. Navigate to Connection > SSH > Auth. 3. Click Browse... under Authentication parameters / Private key file for authentication. 4. Locate the id_rsa.ppk private key and click Open. 5. Finally, click Open again to log into the remote server with key pair authentication.