search

CyberSecurityClubMoscow / meetups

7 stars 0 forks source link

[MEETUP] SSH #11

Closed mitilan closed 3 years ago

mitilan commented 4 years ago

SSH - это не просто замена telnet. Обсуждаем стэк протоколов.

mitilan commented 4 years ago

Для начала немного истории https://twitter.com/openbsdnow/status/1322514787776008194?s=21

mitilan commented 4 years ago

RFCs

The Secure Shell (SSH) Protocol Assigned Numbers https://tools.ietf.org/html/rfc4250

The Secure Shell (SSH) Protocol Architecture https://tools.ietf.org/html/rfc4251

The Secure Shell (SSH) Authentication Protocol https://tools.ietf.org/html/rfc4252

The Secure Shell (SSH) Transport Layer Protocol https://tools.ietf.org/html/rfc4253

The Secure Shell (SSH) Connection Protocol https://tools.ietf.org/html/rfc4254

Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints https://tools.ietf.org/html/rfc4255

Generic Message Exchange Authentication for the Secure Shell Protocol (SSH) https://tools.ietf.org/html/rfc4256

SHA-2 Data Integrity Verification for the Secure Shell (SSH) Transport Layer Protocol https://tools.ietf.org/html/rfc6668

More Modular Exponentiation (MODP) Diffie-Hellman (DH) Key Exchange (KEX) Groups for Secure Shell (SSH) https://tools.ietf.org/html/rfc8268

Extension Negotiation in the Secure Shell (SSH) Protocol https://tools.ietf.org/html/rfc8308

Use of RSA Keys with SHA-256 and SHA-512 in the Secure Shell (SSH) Protocol https://tools.ietf.org/html/rfc8332

Ed25519 and Ed448 Public Key Algorithms for the Secure Shell (SSH) Protocol https://tools.ietf.org/html/rfc8709

Deprecating RC4 in Secure Shell (SSH) https://tools.ietf.org/html/rfc8758

(ну или всё в одном месте от первоисточника - https://www.openssh.com/specs.html)

mitilan commented 4 years ago

SSH protocol from Computerphile https://www.youtube.com/watch?v=ORcvSkgdA58

mitilan commented 4 years ago

SSH Academy, a perfect entry point into SSH world; from SSH basics and tools to SSH Compliance in Enterprises https://www.ssh.com/ssh/

mitilan commented 3 years ago

Famous SSH Mastery: https://www.amazon.com/SSH-Mastery-OpenSSH-PuTTY-Tunnels/dp/1642350028

mitilan commented 3 years ago

Decrypting SSH session https://blog.fox-it.com/2020/11/11/decrypting-openssh-sessions-for-fun-and-profit/

mitilan commented 3 years ago

Short and clear how-to on ssh multiplexing https://blog.scottlowe.org/2015/12/11/using-ssh-multiplexing/

mitilan commented 3 years ago

SSH certificates https://medium.com/better-programming/how-to-use-ssh-certificates-for-scalable-secure-and-more-transparent-server-access-720a87af6617

Andrysky commented 3 years ago

можете пожалуйста запись видео выложить или хотя бы в личку кинуть, а то не сумел присутствовать а очень интересует тема и нужно в неё погрузиться, и очень хочется хоть немного понимать поверхностно перред погружением.

mitilan commented 3 years ago

Записи нет. Выложил слайды, вдруг интересно будет https://www2.slideshare.net/IlyaMitrukov/ssh-protocol-description Мб руки дойдут и выложу команды и элементы конфигов, которые рассмотрели на митапе, в репо на неделе.