Quick Tips on Secure Shell

SSH is a perfect security alternative to Telnet and has been used by system administrators and IT managers to configure and implement servers and network devices, here I wanted to list manual on Secure Shell usage.

First let’s start by choosing SSH client here we will find no problem because generally there are two accepted solutions PuTTY and SecureCRT, both are really good. But while SecureCRT is not a free solution we find that many IT Technician prefer to use PuTTY.

With using PuTTY you can connect to your server via: Raw,Telnet,Rlogin,FTP(SFTP),SSH1,SSH2. In addition to supporting all these protocols you can find more TOOLS:

– Puttygen – generator Rsa / Dsa keys used for authentication.
– Pagent – authentication agent helps to store the keys in memory.
– Plink – command line interface.
– Pscp – utility that provides safe files copying.
– Psftp – secure ftp-client for copying, viewing, renaming files…

Despite all these functionality, working with SecureCRT is more comfortable for one useful option which is using the tabs for different sessions. If you are working on five servers or even more for example with putty you will find some difficulties in switching between them, but to handle this French group released PuTTY Connection Manager. PuTTY Connection Manager is free PuTTY Client Add-on for Windows platforms which goal is to provide a solution for managing multiple PuTTY instances. So PuTTY Connection Manager will only combine the open windows in a user-friendly interface, and also provides an advanced interface for the connection settings.

Well to implement the server side SSH you can use the standard OpenSSH it is by default installed on any UNIX distribution for other system you can setup DropBear. It is an opensource software useful for “embedded”-type Linux (or other Unix) systems, such as wireless routers. For Windows 2000, XP, 2003, Vista, 2008, and 7 you can use WinSSHD or MobaSSH and all that you need is to press install button and the system will immediately adds the new service.

MobaSSH is basically an OpenSSH that is compiled with Cygwin. And you will have a number of useful commands:

– MobaHwInfo: provides information about the OS and Hardware.
– MobaSwInfo: list the software installed on the system
– MobaTaskList, MobaKillTask: a list the processes running on the system and kill the desired processes.
– TCPCapture: Monitor the Network
– Scp, sftp: transmit data in an Encrypted form over ssh-connection
– Rsync, wget: synchronizing local folders to network resources.

If we are talking about SSH we cannot miss the secure file transfer, when you connect to server via SSH client can perform all basic operations: upload file to the server, rename files and folders, change files properties, and create links and shortcuts. One of the most famous utility here on windows is WinSCP.

Now it is very important to keep your system up to date and mitigate the risk but there is a very important thing to do is to protect your system against brute force attack. Authorization using login and password considered not secure so in most cases it is recommended to disable it on server. But if we really need it you should implement intrusion prevention system. For example Sshguard.Sshguard will help to monitor logs, detect attacks and block the attacker with a firewall rule. the logs are collected from (syslog, syslog-ng, metalog, multilog, raw) and it calculate the suspicious activity such as passwords guessing attempts and block IP addresses by using the local packet filtering (pf, ipfw, netfilter / iptables, or hosts.allow file). There is also some similar projects such as Fail2ban and Sshdfilter 1.5.5.

Finally for mobile devices SSH client you can use the following:

– Symbian: PuTTY for Symbian OS
– Windows Mobile: PocketPuTTY
– Java: MidpSSH
– iPhone: iSSH

And for SSH Brute force you can use the following:

SSH Brute Forcer
– SSH BruteForcer
– THC Hydra

As you can see it is possible to do your tasks in a fast and secure way regardless the environment implemented using Secure Shell.

make sure you subscribe to my RSS feed!