Shell Protocols

1
Shell Protocols

• Elly Bornstein
• Hiral PatelPranav Patel
• Priyank Desai
• Swar Shah

2
Agenda

• Introduction
• R Utilities
• Secure Shell Protocol
• Architecture of SSH
• How SSH works
• Features and Advantages
• Limitations
• Security Concerns
• Tools
• Conclusion

3
Introduction

• What is Shell?
• What are Shell Protocols?
• R Utilities

4
R Utilities

• Rlogin - allows users to log in remotely
• Rcp - provides remote file transfer.
• Rsh - executes a remote command through the rshd
  daemon
• Rexec - executes a remote command through the
  rexecd daemon
• R Utilities Security Concerns

5
Secure Shell Protocol (SSH)

• What is SSH?
• Why SSH?
• Different versions of SSH
• SSH-1
• SSH-2

6
Secure Shell Architecture

• Where does SSH lie in the protocol
• hierarchy?
• Figure Secure Shell operates at the application
  layer of the TCP/IP stack,
• Source www.ssh.com

7
Secure Shell - Architecture

• SSH Architecture consists of 3 components
• The Transport Layer Protocol SSH-TRANS
• The User Authentication Protocol
• SSH-USERAUTH
• The Connection Protocol SSH-CONNECT
• The complete view of SSH Architecture arch.doc

8
SSH Layers

• SSH-TRANS
• Server Authentication
• Each Server must have a Host Key
• Client must have prior knowledge of host keys
  local database, trusted certification authority
• Danger Man in the middle attack
• Confidentiality
• Integrity
• Key-Exchange
• Compression optional

9
SSH Layers contd.

• SSH-USERAUTH
• Authenticates Client-Side User
• Authentication Methods
• 1. Password-Based Authentication
• 2. Public-Key Based Authentication
• 3. Host-Based Authentication
• 4. GSSAPI Authentication Methods

10
SSH Layers contd.

• SSH-CONN
• Multiplexes Encrypted Channel into several
  logical channels
• Provides services such as
• Multiple interactive and non-interactive
  sessions
• Managing X, Port and Agent forwarding
• Terminal handling
• Remote program execution

11
How SSH works?

• Host Identification
• Encryption
• User Authentication
• Access to desired services
• Relate back to arch.doc

12
Features and Advantages

• SSH and SFTP for secure file transfer
• SSH and SCP for alternative to RCP
• Port forwarding and Tunneling
• Support terminal protocols for remote
  administration
• Secure proxy connection for Internet browsing
• Authentication methods Kerberos, SecureID, RSA,
  etc.

13
Limitations

• Port ranges cant be forwarded
• Poor performance on older computers
• Graphical applications can be started, but cannot
  be seen
• Child processes are not killed when the user logs
  out

14
Security Concerns

• Man-in-the-middle attack
• Denial of Service
• Message replay attack
• Data integrity

15
Tools

• Multi-platform
• PuTTy
• Conch
• Windows
• SecureCRT
• WinSCP
• Unix-like OS
• LSH
• OpenSSH

16
Conclusion

• Provides secure data transfer across the network
• Provides the space for extensibility and options
  for using different algorithms
• Most of the limitations and probable threats can
  be avoided by using proper algorithms and
  policies

17
Thank You