Secure Shell

New protocol out SSH2 not quite ready for prime time as important config parameters are not implemented yet and the default behaviour is not explained in the man pages.

SSH package includes secure shell ssh and secure copy scp which are versions of the familiar unix rsh, sh and rcp, cp commands which run over secure socket layer ssl.SSH2 also includes sftp a secure ftp over ssl.

SSH is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another. It provides strong authentication and secure communications ssl over insecure channels. It is intended as a replacement for rlogin, rsh, rcp, rdist and with ssh2 ftp.

In order to make SSH secure it is necessary to set the following parameters which prevent, among other things, SSH from falling out into clear/unencrypted mode. 

Parameter  1.2.22 / 1.2.24  1.2.26 SSH 2
Compilation options      
   --without-none --without-none  
   --without-rsh --without-rsh  
       
Server side Config  /etc/sshd_config /etc/sshd_config /etc/ssh2/sshd2_config
KeyRegenerationInterval 2000 2000 -
KeepAlive yes yes yes
FascistLogging yes yes Quiet mode no
IgnoreRhosts yes yes yes
PermitEmptyPasswords no no no
RhostsAuthentication no no no
RhostsRSAAuthentication   yes yes RHostsPubKeyAuthentication yes
ServerKeyBits 1024 + 1024+ see keygen program
PermitRootLogin yes yes  nopwd
      Ssh1Compatibility yes
      Sshd1Path <path to sshd ver1>
 Client side Config  /etc/ssh_config /etc/ssh_config /etc/ssh2/ssh2_config
StrictHostKeyChecking yes yes yes
FallBackToRsh No no no
UseRsh no no no
      Ssh1Compatibility yes
       Ssh1Path <path to ssh ver1>
      QuietMode no

Currently if using pre 1.2.26 versions the best idea is to step up to 1.2.26 which is both forward compatible with SSH 2 and backward compatible with SSH 1 versions. 
When all machines are at 1.2.26 you can upgrade to SSH2 which has many new features including sftp. for more info see http://www.ssh.fi/sshprotocols2/index.html

an empty config  file should be placed in the users home directory owned by root  and writable only by root. This will force the system wide settings for all users.

--without-none never allow clear text (unencrypted) communication in the case where one of the servers has no key. 
--without-rsh never allow rshell rhosts as an option when a server has no key. 

The StrictHostKeyChecking  option 
can be used to prevent logins to machines whose host key  is not known or has changed. 
If this flag is  set  to  "yes",  ssh  ssh  will  never automatically add host keys to the /etc/ssh_known_host or $HOME/.ssh/known_hosts file,  and  refuses  to  connect hosts  whose  host key has changed.  This provides maximum protection against trojan horse attacks. 

RhostsRSAAuthentication when set to yes this allows ~/.shosts to define keys 

May be set to "yes", "nopwd", or "no".The "nopwd" value disables password-authenticated root logins."nopwd" and "no" are equivalent unless you have a .ssh/authorized_keys file in the root home directory. 
Root login with RSA authentication when the "command" option has been specified will be allowed regardless of the value of this setting (which may be useful for taking remote backups even if root login is normally not allowed. 
SSH includes the following important files 

  • /etc/sshd_config /etc/ssh_config                                  configuration files
  • ~/.ssh/                                                                          directory ssh info per user
  • known_hosts identity identity.pub authorized_keys hosts and keys
CONFIGURATION FILES

The server has a configuration file /etc/sshd_config, It is explained in the sshd manual page.

The client reads a configuration file /etc/ssh_config, which gives site-wide defaults for various options. Options in this file can be overridden by per-user configuration files. The file is documented on the ssh manual page

Links for information about

Windows NT or 95 freeware version from Berkeley

or a commercial version for NT or 95 from Data Fellows

download ssh1.2.14 win32 Berkeley Version for NT or Win95

Extra Info:

The General WWW home page for ssh is here.(mainly deals with SSH in the unix environment) It contains an archive of the mailing list, and detailed information about new releases, mailing lists, and other relevant issues.

Configure SSH on a Solaris box:

For most machines and configurations, the following is all you need
./configure --without-none --without-rsh
make
make install

Then check (and edit if needed) the following files(see above table):
/etc/sshd_config (server configuration file)
/etc/ssh_config (client configuration file - defaults for users)

or for SSH2
/etc/sshd2_config (server configuration file)
/etc/ssh2_config (client configuration file - defaults for users)

You may also want to create the /etc/ssh_known_hosts for your site and update it periodically. See the manual page for make-ssh-known-hosts on how to do this easily. The file format is documented on the sshd manual page

You should also edit /etc/rc.local or equivalent to start sshd at boot

CLIENT SUID ROOT, SERVER RUN AS ROOT

This package installs two programs that need special privileges. Ssh is the client program, and it is by default installed as suid root, because it needs to create a privileged port in order to use .rhosts files for authentication. If it is not installed as suid root, it will still be usable, but .rhosts authentication will not be available. Also, the private host key file is readable by root only Sshd is the daemon that listens for connections. It should preferably be run as root, because it is by normally listening on a privileged port, and it needs to be able to do setuid(), update utmp, chown ptys etc. when a user logs in. If it is not run as root, explicit "-p port" option must be given to specify an alternate port (same port must also be specified for clients), "-h host_key_file_path" must be given to specify an alternate host key file, and it cannot be used to log in as any other user than the user running it (because it cannot call setuid()).
Also, if your system uses shadow passwords, password authentication will not work when running as someone else than root.

Both the server and the client have been carefully screened for possible security problems, and are believed to be secure. However, there can be no guarantee.

Configure SSH on an NT box:(extra points)

You'll need to create a c:\ssh\etc directory to keep your ssh_config, ssh_host_key, and ssh_host_key.pub in. You need to generate the keys on your Unix box with ssh-keygen (bug ssh-keygen doesnt work on NT)

Next, make sure your HOME environment variable is set. On NT, this can be done via the Control Panel->System. 

Create a <HOME>\.ssh directory (don't forget the dot)
Copy(ftp) your identity and identity.pub files in this subdirectory (these 2 files were generated by ssh-keygen on the unix box)

Setting up ssh to work without requiring any passwords

After installing SSH if you need a destination machine  to trust the source machine. Do the following :

     

  • .ssh/Identity.pub (public key) of the source machine needs to be appended to the list of keys in .ssh/authorized_keys on the destination machine.