SlideShare une entreprise Scribd logo

How to increase security with SSH

Vitalii Sharavara
Vitalii Sharavara

This presentation describes how to connect to the remote servers and authenticate with security keys instead of login/password

Technologie
1  sur  10
Télécharger pour lire hors ligne
SSH HOW TO INCREASE SECURITY Vitalii Sharavara
WHAT IS SSH SECURE SHELL ▸ Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. The best known example application is for remote login to computer systems by users. ▸ SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2.
THE SSH PROTOCOL An SSH key is an access credential in the SSH protocol. Its function is similar to that of user names and passwords, but the keys are primarily used for automated processes and for implementing single sign- on by system administrators and power users.
SSH HOW TO CREATE A KEY PAIR ▸ The simplest way to generate a key pair is to run ssh-keygen without arguments. In this case, it will prompt for the file in which to store keys. Here's an example: vsbook (11:39) ~>ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/vitalii/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/vitalii/.ssh/id_rsa. Your public key has been saved in /home/vitalii/.ssh/id_rsa.pub. The key fingerprint is: SHA256:Up6KjbnEV4Hgfo75YM393QdQsK3Z0aTNBz0DoirrW+c vitalii@vsbook The key's randomart image is: +---[RSA 2048]----+ | . ..oo..| | . . . . .o.X.| | . . o. ..+ B| | . o.o .+ ..| | ..o.S o.. | | . %o= . | | @.B... . | | o.=. o. . . .| | .oo E. . .. | +----[SHA256]-----+ vsbook (11:40) ~>
SSH HOW TO CHANGE THE PASSWORD OF “ID_RSA” FILE ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
 
 
 -P passphrase Provides the (old) passphrase.     -p Requests changing the passphrase of a private key file instead of creating a new private key. The program will prompt for the file containing the private key, for the old passphrase, and twice for the new passphrase. Example: ssh-keygen -p -f ~/.ssh/knowledge_base_key -P "oldpass" -N “newpass"
SSH HOW COPY THE KEY TO A SERVER ssh-copy-id -i ~/.ssh/id_rsa devops@devops.deltavn.vn “AUTHORIZED_KEYS” The authorized_keys file in SSH specifies the SSH keys that can be used for logging into the user account for which the file is configured. SSH-RSA AAAAB3NZAC1YC2EAAAABIWAAAIEA0KJDLOIIXJ9XDMXICT9KVAKFUXFQI+CIIKLAN5HHSNGYOU7TIJQYONEU5FONLOAO/ CSHLA+KUARGYTRTIZWCP4TPCTXZHHJRM0GUDJRAGW7SMVIS/5XJBGAYHKJ1YUMGO7+NJTMSCLX6PFOLQYVEURIIVVCCZERGCLH+UTSXK3Z+L7HX9NIDG3/ YLOLC3F3SLXRJKN0GMTGK7BHJFXO4PGUUPJWZLVDUDX+XKIQTT2N4ISYS6N9QVFG3ZUGNLEJZM47NK/YTAC0MAX98PK+QNZSUAQOO/ ISHJ1TOW5WWSCFLPARVJ2AYROQAE7CFQG7Q12I9OLASFD3U5NAZFZCTYAVWA1KZ9UZEWLJ1BR1XOKPQOLEMM8KCP/PXZZ8H0KISKMIJI0/ QUIZOPEBSKLSZXJLALCXR8MG1UIZVWY48I9JHEYXYJ1TOCJ6CPSCPGFHP3DAGSLKKBE1EFAVFEEYGANHESLNDDG3GQ5XSSB9OKQM3V5T8GPFAJBV68BXQ4BK6HJ21A3CINV4LD V3HR/OBUBDG2ECI+ZKRDJLPJUU4YU= VITALII@FECREDIT.COM.VN SSH-RSA AAAAB3NZAC1YC2EAAAABIWAAAIEAYWWHRWQ4FJHT+UUWZCZEPXTJTZOENFPOJUFYCAYSO2NTLZNWNAQEQRFBQSUXKVTOTGXGAPIKUVJRIJNBDJE6IOZVBXZHHJRM0GUDJRAG W7SMVIS/5XJBGAYHKJ1YUMGO7+NJTMSCLX6PFOLQYVEURIIVVCCZERGCLH+UTSXK3Z+L7HX9NIDG3/ YLOLC3F3SLXRJKN0GMTGK7BHJFXO4PGUUPJWZLVDUDX+XKIQTT2N4ISYS6N9QVFG3ZUGNLEJZM47NK/YTAC0MAX98PK+QNZSUAQOO/ ISHJ1TOW5WWSCFLPARVJ2AYROQAE7CFQG7Q12I9OLASFD3U5NAZFZCTYAVWA1KZ9UZEWLJ1BR1XOKPQOLEMM8KCP/PXZZ8H0KISKMIJI0/ QUIZOPEBSKLSZXJLALCXR8MG1UIZVWY48I9JHEYXYJ1TOCJ6CPSCPGFHP3DAGSLKKBE1EFAVFEEYGANHESUXC9WKSEFZCEYMJ+RGJXMKBXNZMYYCBWSSQAEGJPMEUDLWZU2 GD0OBBZ0HXQG9J1XALLOP5AVDKFESZZCC= SHARAVARA@FECREDIT.COM.VN
SUMMARY How to create a new id_rsa file ssh-keygen -t rsa -b 4096 -C "iaroslav.kupriianov@fecredit.com.vn" -f iaroslav.kupriianov_id_rsa How to check key identity ssh-keygen -l -i iaroslav.kupriianov_id_rsa How to change the password ssh-keygen -p -f iaroslav.kupriianov_id_rsa -P "12345678" -N "12345" How to upload pulic key to the server ssh-copy-id -i iaroslav.kupriianov_id_rsa.pub devops@devops01.deltavn.vn How to connect to the server ssh -i iaroslav.kupriianov_id_rsa devops@devops01.deltavn.vn
USE SSH KEYS WITH PUTTY ON WINDOWS USE EXISTING PUBLIC AND PRIVATE KEYS Launch PuTTYgen from the Windows Programs list 1. Click Conversions from the PuTTY Key Generator menu and select Import key. 2. Navigate to the OpenSSH private key and click Open. 3. Under Actions / Save the generated key, select Save private key. 4. Choose an optional passphrase to protect the private key. 5. Save the private key to the desktop as id_rsa.ppk.
USE SSH KEYS WITH PUTTY ON WINDOWS CONNECT TO SERVER WITH PRIVATE KEY 1. Enter the remote server Host Name or IP address under Session. 2. Navigate to Connection > SSH > Auth. 3. Click Browse... under Authentication parameters / Private key file for authentication. 4. Locate the id_rsa.ppk private key and click Open. 5. Finally, click Open again to log into the remote server with key pair authentication.
FILEZILLA SFTP SETTINGS

Recommandé

SSH
SSHSSH
SSHZach Dennis
 
Ssh
SshSsh
SshRaghu nath
 
OpenSSH tricks
OpenSSH tricksOpenSSH tricks
OpenSSH tricksAssem CHELLI
 
SSH - Secure Shell
SSH - Secure ShellSSH - Secure Shell
SSH - Secure ShellPeter R. Egli
 
FLOSS UK DEVOPS Spring 2015 Enhancing ssh config
FLOSS UK DEVOPS Spring 2015 Enhancing ssh configFLOSS UK DEVOPS Spring 2015 Enhancing ssh config
FLOSS UK DEVOPS Spring 2015 Enhancing ssh configdmp1304
 
Ssh that wonderful thing
Ssh that wonderful thingSsh that wonderful thing
Ssh that wonderful thingMarc Cluet
 
Secure SHell
Secure SHellSecure SHell
Secure SHellÇağrı Çakır
 
Secure Shell(ssh)
Secure Shell(ssh)Secure Shell(ssh)
Secure Shell(ssh)Pina Parmar
 

Recommandé

SSH
SSHSSH
SSHZach Dennis
 
Ssh
SshSsh
SshRaghu nath
 
OpenSSH tricks
OpenSSH tricksOpenSSH tricks
OpenSSH tricksAssem CHELLI
 
SSH - Secure Shell
SSH - Secure ShellSSH - Secure Shell
SSH - Secure ShellPeter R. Egli
 
FLOSS UK DEVOPS Spring 2015 Enhancing ssh config
FLOSS UK DEVOPS Spring 2015 Enhancing ssh configFLOSS UK DEVOPS Spring 2015 Enhancing ssh config
FLOSS UK DEVOPS Spring 2015 Enhancing ssh configdmp1304
 
Ssh that wonderful thing
Ssh that wonderful thingSsh that wonderful thing
Ssh that wonderful thingMarc Cluet
 
Secure SHell
Secure SHellSecure SHell
Secure SHellÇağrı Çakır
 
Secure Shell(ssh)
Secure Shell(ssh)Secure Shell(ssh)
Secure Shell(ssh)Pina Parmar
 
Secure shell protocol
Secure shell protocolSecure shell protocol
Secure shell protocolBaspally Sai Anirudh
 
Introduction to SSH & PGP
Introduction to SSH & PGPIntroduction to SSH & PGP
Introduction to SSH & PGPSarang Ananda Rao
 
Secure shell
Secure shellSecure shell
Secure shellArjun Aj
 
Ssh And Rlogin
Ssh And RloginSsh And Rlogin
Ssh And RloginSourav Roy
 
An introduction to SSH
An introduction to SSHAn introduction to SSH
An introduction to SSHnussbauml
 
Introduction to SSH
Introduction to SSHIntroduction to SSH
Introduction to SSHHemant Shah
 
Intro to SSH
Intro to SSHIntro to SSH
Intro to SSHJP Bourget
 
Securing the tunnel with Raccoon
Securing the tunnel with RaccoonSecuring the tunnel with Raccoon
Securing the tunnel with RaccoonGloria Stoilova
 
Understanding ssh
Understanding sshUnderstanding ssh
Understanding sshMomita Chowdhury
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)Mehedi Farazi
 
OpenSSH: keep your secrets safe
OpenSSH: keep your secrets safeOpenSSH: keep your secrets safe
OpenSSH: keep your secrets safeGiovanni Bechis
 
OpenSMTPD: we deliver !!
OpenSMTPD: we deliver !!OpenSMTPD: we deliver !!
OpenSMTPD: we deliver !!Giovanni Bechis
 
Ssh
SshSsh
Sshgh02
 
Ost ssl lec
Ost ssl lecOst ssl lec
Ost ssl lecKaustubh Joshi
 
Packet Inspection on ASA
Packet Inspection on ASAPacket Inspection on ASA
Packet Inspection on ASAPratik Bhide
 
Windowshadoop
WindowshadoopWindowshadoop
Windowshadooparunkumar sadhasivam
 
Basic Security in Routing and Switching
Basic Security in Routing and SwitchingBasic Security in Routing and Switching
Basic Security in Routing and SwitchingReza Farahani
 
Importance of SSHFP for Network Devices
Importance of SSHFP for Network DevicesImportance of SSHFP for Network Devices
Importance of SSHFP for Network DevicesAPNIC
 
Importance of sshfp and configuring sshfp for network devices
Importance of sshfp and configuring sshfp for network devicesImportance of sshfp and configuring sshfp for network devices
Importance of sshfp and configuring sshfp for network devicesMuhammad Moinur Rahman
 
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption Toolkit
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption ToolkitBlack Hat Europe 2017. DPAPI and DPAPI-NG: Decryption Toolkit
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption ToolkitPaula Januszkiewicz
 
SSH.pdf
SSH.pdfSSH.pdf
SSH.pdfAnisSalhi3
 
SSH how to 2011
SSH how to 2011SSH how to 2011
SSH how to 2011Chris Hales
 

Contenu connexe

Tendances

Secure shell
Secure shellSecure shell
Secure shellArjun Aj
 
Ssh And Rlogin
Ssh And RloginSsh And Rlogin
Ssh And RloginSourav Roy
 
An introduction to SSH
An introduction to SSHAn introduction to SSH
An introduction to SSHnussbauml
 
Introduction to SSH
Introduction to SSHIntroduction to SSH
Introduction to SSHHemant Shah
 
Securing the tunnel with Raccoon
Securing the tunnel with RaccoonSecuring the tunnel with Raccoon
Securing the tunnel with RaccoonGloria Stoilova
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)Mehedi Farazi
 
OpenSSH: keep your secrets safe
OpenSSH: keep your secrets safeOpenSSH: keep your secrets safe
OpenSSH: keep your secrets safeGiovanni Bechis
 
OpenSMTPD: we deliver !!
OpenSMTPD: we deliver !!OpenSMTPD: we deliver !!
OpenSMTPD: we deliver !!Giovanni Bechis
 
Ssh
SshSsh
Sshgh02
 
Packet Inspection on ASA
Packet Inspection on ASAPacket Inspection on ASA
Packet Inspection on ASAPratik Bhide
 
Basic Security in Routing and Switching
Basic Security in Routing and SwitchingBasic Security in Routing and Switching
Basic Security in Routing and SwitchingReza Farahani
 
Importance of SSHFP for Network Devices
Importance of SSHFP for Network DevicesImportance of SSHFP for Network Devices
Importance of SSHFP for Network DevicesAPNIC
 
Importance of sshfp and configuring sshfp for network devices
Importance of sshfp and configuring sshfp for network devicesImportance of sshfp and configuring sshfp for network devices
Importance of sshfp and configuring sshfp for network devicesMuhammad Moinur Rahman
 
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption Toolkit
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption ToolkitBlack Hat Europe 2017. DPAPI and DPAPI-NG: Decryption Toolkit
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption ToolkitPaula Januszkiewicz
 

Tendances (20)

Secure shell protocol
Secure shell protocolSecure shell protocol
Secure shell protocol
 
Introduction to SSH & PGP
Introduction to SSH & PGPIntroduction to SSH & PGP
Introduction to SSH & PGP
 
Secure shell
Secure shellSecure shell
Secure shell
 
Ssh And Rlogin
Ssh And RloginSsh And Rlogin
Ssh And Rlogin
 
An introduction to SSH
An introduction to SSHAn introduction to SSH
An introduction to SSH
 
Introduction to SSH
Introduction to SSHIntroduction to SSH
Introduction to SSH
 
Intro to SSH
Intro to SSHIntro to SSH
Intro to SSH
 
Securing the tunnel with Raccoon
Securing the tunnel with RaccoonSecuring the tunnel with Raccoon
Securing the tunnel with Raccoon
 
Understanding ssh
Understanding sshUnderstanding ssh
Understanding ssh
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)
 
OpenSSH: keep your secrets safe
OpenSSH: keep your secrets safeOpenSSH: keep your secrets safe
OpenSSH: keep your secrets safe
 
OpenSMTPD: we deliver !!
OpenSMTPD: we deliver !!OpenSMTPD: we deliver !!
OpenSMTPD: we deliver !!
 
Ssh
SshSsh
Ssh
 
Ost ssl lec
Ost ssl lecOst ssl lec
Ost ssl lec
 
Packet Inspection on ASA
Packet Inspection on ASAPacket Inspection on ASA
Packet Inspection on ASA
 
Windowshadoop
WindowshadoopWindowshadoop
Windowshadoop
 
Basic Security in Routing and Switching
Basic Security in Routing and SwitchingBasic Security in Routing and Switching
Basic Security in Routing and Switching
 
Importance of SSHFP for Network Devices
Importance of SSHFP for Network DevicesImportance of SSHFP for Network Devices
Importance of SSHFP for Network Devices
 
Importance of sshfp and configuring sshfp for network devices
Importance of sshfp and configuring sshfp for network devicesImportance of sshfp and configuring sshfp for network devices
Importance of sshfp and configuring sshfp for network devices
 
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption Toolkit
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption ToolkitBlack Hat Europe 2017. DPAPI and DPAPI-NG: Decryption Toolkit
Black Hat Europe 2017. DPAPI and DPAPI-NG: Decryption Toolkit
 

Similaire à How to increase security with SSH

How To Setup SSH Keys on CentOS 7
How To Setup SSH Keys on CentOS 7How To Setup SSH Keys on CentOS 7
How To Setup SSH Keys on CentOS 7VCP Muthukrishna
 
SSH Key Management
SSH Key ManagementSSH Key Management
SSH Key ManagementFox Pass
 
Creating SSH Key.pptx
Creating SSH Key.pptxCreating SSH Key.pptx
Creating SSH Key.pptxSaumya876452
 
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform Enviornment
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform EnviornmentNagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform Enviornment
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform EnviornmentNagios
 
Discuss what is SSH and the advantages and disadvantages of using it.pdf
Discuss what is SSH and the advantages and disadvantages of using it.pdfDiscuss what is SSH and the advantages and disadvantages of using it.pdf
Discuss what is SSH and the advantages and disadvantages of using it.pdfinfo309708
 
SSH for pen-testers
SSH for pen-testersSSH for pen-testers
SSH for pen-testersE D Williams
 
How to set up ssh keys on ubuntu
How to set up ssh keys on ubuntuHow to set up ssh keys on ubuntu
How to set up ssh keys on ubuntucollegeinit
 
Open ssh cheet sheat
Open ssh cheet sheatOpen ssh cheet sheat
Open ssh cheet sheatPiyush Mittal
 
Presentation nix
Presentation nixPresentation nix
Presentation nixfangjiafu
 
Presentation nix
Presentation nixPresentation nix
Presentation nixfangjiafu
 
0696-ssh-the-secure-shell.pdf
0696-ssh-the-secure-shell.pdf0696-ssh-the-secure-shell.pdf
0696-ssh-the-secure-shell.pdfAnasElbaz
 

Similaire à How to increase security with SSH (20)

SSH.pdf
SSH.pdfSSH.pdf
SSH.pdf
 
SSH how to 2011
SSH how to 2011SSH how to 2011
SSH how to 2011
 
How To Setup SSH Keys on CentOS 7
How To Setup SSH Keys on CentOS 7How To Setup SSH Keys on CentOS 7
How To Setup SSH Keys on CentOS 7
 
SSH Key Management
SSH Key ManagementSSH Key Management
SSH Key Management
 
SSh_part_1.pptx
SSh_part_1.pptxSSh_part_1.pptx
SSh_part_1.pptx
 
Creating SSH Key.pptx
Creating SSH Key.pptxCreating SSH Key.pptx
Creating SSH Key.pptx
 
Cent os 5 ssh
Cent os 5 sshCent os 5 ssh
Cent os 5 ssh
 
Ssh cookbook v2
Ssh cookbook v2Ssh cookbook v2
Ssh cookbook v2
 
Ssh cookbook
Ssh cookbookSsh cookbook
Ssh cookbook
 
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform Enviornment
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform EnviornmentNagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform Enviornment
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform Enviornment
 
Discuss what is SSH and the advantages and disadvantages of using it.pdf
Discuss what is SSH and the advantages and disadvantages of using it.pdfDiscuss what is SSH and the advantages and disadvantages of using it.pdf
Discuss what is SSH and the advantages and disadvantages of using it.pdf
 
Rhel5
Rhel5Rhel5
Rhel5
 
SSH for pen-testers
SSH for pen-testersSSH for pen-testers
SSH for pen-testers
 
How to set up ssh keys on ubuntu
How to set up ssh keys on ubuntuHow to set up ssh keys on ubuntu
How to set up ssh keys on ubuntu
 
Open ssh cheet sheat
Open ssh cheet sheatOpen ssh cheet sheat
Open ssh cheet sheat
 
Logging remotely open ssh
Logging remotely open sshLogging remotely open ssh
Logging remotely open ssh
 
Presentation nix
Presentation nixPresentation nix
Presentation nix
 
Presentation nix
Presentation nixPresentation nix
Presentation nix
 
Ssh tunnel
Ssh tunnelSsh tunnel
Ssh tunnel
 
0696-ssh-the-secure-shell.pdf
0696-ssh-the-secure-shell.pdf0696-ssh-the-secure-shell.pdf
0696-ssh-the-secure-shell.pdf
 

Dernier

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbuapidays
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusZilliz
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 

Dernier (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 

How to increase security with SSH

  • 1. SSH HOW TO INCREASE SECURITY Vitalii Sharavara
  • 2. WHAT IS SSH SECURE SHELL ▸ Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. The best known example application is for remote login to computer systems by users. ▸ SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2.
  • 3. THE SSH PROTOCOL An SSH key is an access credential in the SSH protocol. Its function is similar to that of user names and passwords, but the keys are primarily used for automated processes and for implementing single sign- on by system administrators and power users.
  • 4. SSH HOW TO CREATE A KEY PAIR ▸ The simplest way to generate a key pair is to run ssh-keygen without arguments. In this case, it will prompt for the file in which to store keys. Here's an example: vsbook (11:39) ~>ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/vitalii/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/vitalii/.ssh/id_rsa. Your public key has been saved in /home/vitalii/.ssh/id_rsa.pub. The key fingerprint is: SHA256:Up6KjbnEV4Hgfo75YM393QdQsK3Z0aTNBz0DoirrW+c vitalii@vsbook The key's randomart image is: +---[RSA 2048]----+ | . ..oo..| | . . . . .o.X.| | . . o. ..+ B| | . o.o .+ ..| | ..o.S o.. | | . %o= . | | @.B... . | | o.=. o. . . .| | .oo E. . .. | +----[SHA256]-----+ vsbook (11:40) ~>
  • 5. SSH HOW TO CHANGE THE PASSWORD OF “ID_RSA” FILE ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
 
 
 -P passphrase Provides the (old) passphrase.     -p Requests changing the passphrase of a private key file instead of creating a new private key. The program will prompt for the file containing the private key, for the old passphrase, and twice for the new passphrase. Example: ssh-keygen -p -f ~/.ssh/knowledge_base_key -P "oldpass" -N “newpass"
  • 6. SSH HOW COPY THE KEY TO A SERVER ssh-copy-id -i ~/.ssh/id_rsa devops@devops.deltavn.vn “AUTHORIZED_KEYS” The authorized_keys file in SSH specifies the SSH keys that can be used for logging into the user account for which the file is configured. SSH-RSA AAAAB3NZAC1YC2EAAAABIWAAAIEA0KJDLOIIXJ9XDMXICT9KVAKFUXFQI+CIIKLAN5HHSNGYOU7TIJQYONEU5FONLOAO/ CSHLA+KUARGYTRTIZWCP4TPCTXZHHJRM0GUDJRAGW7SMVIS/5XJBGAYHKJ1YUMGO7+NJTMSCLX6PFOLQYVEURIIVVCCZERGCLH+UTSXK3Z+L7HX9NIDG3/ YLOLC3F3SLXRJKN0GMTGK7BHJFXO4PGUUPJWZLVDUDX+XKIQTT2N4ISYS6N9QVFG3ZUGNLEJZM47NK/YTAC0MAX98PK+QNZSUAQOO/ ISHJ1TOW5WWSCFLPARVJ2AYROQAE7CFQG7Q12I9OLASFD3U5NAZFZCTYAVWA1KZ9UZEWLJ1BR1XOKPQOLEMM8KCP/PXZZ8H0KISKMIJI0/ QUIZOPEBSKLSZXJLALCXR8MG1UIZVWY48I9JHEYXYJ1TOCJ6CPSCPGFHP3DAGSLKKBE1EFAVFEEYGANHESLNDDG3GQ5XSSB9OKQM3V5T8GPFAJBV68BXQ4BK6HJ21A3CINV4LD V3HR/OBUBDG2ECI+ZKRDJLPJUU4YU= VITALII@FECREDIT.COM.VN SSH-RSA AAAAB3NZAC1YC2EAAAABIWAAAIEAYWWHRWQ4FJHT+UUWZCZEPXTJTZOENFPOJUFYCAYSO2NTLZNWNAQEQRFBQSUXKVTOTGXGAPIKUVJRIJNBDJE6IOZVBXZHHJRM0GUDJRAG W7SMVIS/5XJBGAYHKJ1YUMGO7+NJTMSCLX6PFOLQYVEURIIVVCCZERGCLH+UTSXK3Z+L7HX9NIDG3/ YLOLC3F3SLXRJKN0GMTGK7BHJFXO4PGUUPJWZLVDUDX+XKIQTT2N4ISYS6N9QVFG3ZUGNLEJZM47NK/YTAC0MAX98PK+QNZSUAQOO/ ISHJ1TOW5WWSCFLPARVJ2AYROQAE7CFQG7Q12I9OLASFD3U5NAZFZCTYAVWA1KZ9UZEWLJ1BR1XOKPQOLEMM8KCP/PXZZ8H0KISKMIJI0/ QUIZOPEBSKLSZXJLALCXR8MG1UIZVWY48I9JHEYXYJ1TOCJ6CPSCPGFHP3DAGSLKKBE1EFAVFEEYGANHESUXC9WKSEFZCEYMJ+RGJXMKBXNZMYYCBWSSQAEGJPMEUDLWZU2 GD0OBBZ0HXQG9J1XALLOP5AVDKFESZZCC= SHARAVARA@FECREDIT.COM.VN
  • 7. SUMMARY How to create a new id_rsa file ssh-keygen -t rsa -b 4096 -C "iaroslav.kupriianov@fecredit.com.vn" -f iaroslav.kupriianov_id_rsa How to check key identity ssh-keygen -l -i iaroslav.kupriianov_id_rsa How to change the password ssh-keygen -p -f iaroslav.kupriianov_id_rsa -P "12345678" -N "12345" How to upload pulic key to the server ssh-copy-id -i iaroslav.kupriianov_id_rsa.pub devops@devops01.deltavn.vn How to connect to the server ssh -i iaroslav.kupriianov_id_rsa devops@devops01.deltavn.vn
  • 8. USE SSH KEYS WITH PUTTY ON WINDOWS USE EXISTING PUBLIC AND PRIVATE KEYS Launch PuTTYgen from the Windows Programs list 1. Click Conversions from the PuTTY Key Generator menu and select Import key. 2. Navigate to the OpenSSH private key and click Open. 3. Under Actions / Save the generated key, select Save private key. 4. Choose an optional passphrase to protect the private key. 5. Save the private key to the desktop as id_rsa.ppk.
  • 9. USE SSH KEYS WITH PUTTY ON WINDOWS CONNECT TO SERVER WITH PRIVATE KEY 1. Enter the remote server Host Name or IP address under Session. 2. Navigate to Connection > SSH > Auth. 3. Click Browse... under Authentication parameters / Private key file for authentication. 4. Locate the id_rsa.ppk private key and click Open. 5. Finally, click Open again to log into the remote server with key pair authentication.