System administration
Igor, 2013-03-20 11:40:24

What is the security of SSH?

I'm trying to understand how safe it is to use SSH with default settings, and if something needs to be changed, what exactly. Of the threats, I am interested in:

Decryption of traffic between the client and the server during a man-in-the-middle attack:
1. at the time of authorization (interception of authorization packets and password recovery for access to the ssh server)
2. after authorization (recovery of any data: commands entered in the remote console or traffic if the ssh server acts as an ssh socks proxy)

Other security issues (password guessing, etc.) are not particularly interesting, because you can connect to the ssh server only from certain IPs (implemented with iptables settings).

OS: Ubuntu 12.04
SSH server: SSH-2.0-OpenSSH_5.9p1

SSH server files:

668 bytes - /etc/ssh/ssh_host_dsa_key
608 bytes - /etc/ssh/ssh_host_dsa_key.pub
2276 bytes - /etc/ssh/ssh_host_ecdsa_key
180 bytes - /etc/ssh/ssh_host_ecdsa_key.pub
1679 bytes - /etc/ssh/ssh_host_rsa_key
400 bytes - /etc/ssh/ssh_host_rsa_key.pub


4 answer(s)
joneleth, 2013-03-20
@joneleth

What is it for you at all? Default settings are quite sufficient in real life.

@sledopit, 2013-03-20

MITM only works with password authentication. With the keys you can sleep peacefully. More details.
It is also not possible to infiltrate an established session, IIRC.

ComodoHacker, 2013-03-20
@ComodoHacker

Parser error, sorry

ComodoHacker, 2013-03-20
@ComodoHacker

[email protected]:~$ grep '^[^;#]' /etc/ssh/sshd_config
Port XXXXX
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
UsePrivilegeSeparation yes
KeyRegenerationInterval 3600
ServerKeyBits 768
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 120
PermitRootLogin no
StrictModes yes
RSAAuthentication no
PubkeyAuthentication yes
IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
PasswordAuthentication no
X11Forwarding no
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server -u 0007
UsePAM yes

Honestly, I don’t remember exactly what I changed, but in my opinion only the port, password entry and root. This is on the servers. If a lot of people go to the machine and they set their own password keys, then you have to seriously think about it. Human factor.
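
An added example, not part of the thread or of OpenSSH: a Python check of the global section of an sshd_config against the password-interception concern raised in the question, run on a subset of the configuration posted above. It assumes the OpenSSH 5.9 defaults and ignores Match blocks; the names parse_global, audit, POSTED and UNSET are made up for this illustration.

```python
# Added example, not from the thread. Defaults assumed: OpenSSH 5.9.
DEFAULTS = {"protocol": "2", "passwordauthentication": "yes",
            "challengeresponseauthentication": "yes", "permitrootlogin": "yes"}
# Keywords that apply to SSH protocol 1 only; inert under "Protocol 2".
SSH1_ONLY = {"keyregenerationinterval", "serverkeybits",
             "rsaauthentication", "rhostsrsaauthentication"}
# Subset of the configuration posted in the answer above.
POSTED = """\
Protocol 2
KeyRegenerationInterval 3600
ServerKeyBits 768
PermitRootLogin no
RSAAuthentication no
ChallengeResponseAuthentication no
PasswordAuthentication no
"""
# Constructed sample: a file that leaves the authentication keywords unset.
UNSET = "Protocol 2\nUsePAM yes\n"

def parse_global(text):
    """Map keyword -> first value seen, stopping at the first Match block."""
    conf = {}
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        key = parts[0].lower()              # keywords are case-insensitive
        if key == "match":
            break
        # sshd uses the first value it obtains for a keyword
        conf.setdefault(key, parts[1].strip() if len(parts) > 1 else "")
    return conf

def audit(text):
    """Return (findings, SSH-1-only keywords that have no effect)."""
    conf = parse_global(text)
    eff = {k: conf.get(k, d).lower() for k, d in DEFAULTS.items()}
    findings = []
    if eff["protocol"] != "2":
        findings.append("protocol: SSH-1 is enabled")
    for k in ("passwordauthentication", "challengeresponseauthentication"):
        if eff[k] != "no":
            findings.append(k + ": a password can reach a host whose key was not verified")
    if eff["permitrootlogin"] == "yes":
        findings.append("permitrootlogin: root can log in directly")
    inert = sorted(SSH1_ONLY & conf.keys()) if eff["protocol"] == "2" else []
    return findings, inert

if __name__ == "__main__":
    print(audit(POSTED), audit(UNSET))
```

On the posted configuration the check returns no findings and lists the SSH-1-only keywords that do nothing under Protocol 2; on the constructed file it reports the three defaults that remain in force.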
