Welcome to Scribd. Sign in or start your free trial to enjoy unlimited e-books, audiobooks & documents.Find out more
Download
Standard view
Full view
of .
Look up keyword
Like this
8Activity
0 of .
Results for:
No results containing your search query
P. 1
Public Key Authentication With SSH - 12/05/2008

Public Key Authentication With SSH - 12/05/2008

Ratings:

5.0

(1)
|Views: 473|Likes:
Published by dmnor510
Public Key Authentication With SSH
Public Key Authentication With SSH

More info:

Published by: dmnor510 on Dec 31, 2008
Copyright:Traditional Copyright: All rights reserved

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

05/09/2014

pdf

text

original

 
How to usePublic Key AuthenticationwithSSH 
byDonavon M. Norwood
CS265 Cryptography 
Projectfor Mr. Mark StampProfessor of CryptographySan Jose State University11/25/2008
 
page 2
About me:
My name is Donavon M. Norwood and I am a first year graduate student majoring inComputer Science at San Jose State University in San Jose, CA. Computer Science is arelative new major for me because I have a Bachelor of Science in Computer InformationSystems from Grambling State University in Grambling, Louisiana. You see CS majors aremath or should I say extremely more higher math oriented than CIS majors; now that I am inschool, I see that the CS focus with computers tends to be with math, so not only am Ilearning cryptography in my CS265 Cryptography class, I am learning math as well. Thiscould be tend to be very challenging especially when the instructor prohibits the use of highlevel scientific or any type of calculator. But enough about school.I have worked for various companies including Earthlink Network when they began inPasadena, CA way back around 1995. However my interest in Computer Security did notbegin until 1999 when I was a contractor for Microsoft in Redmond, WA. As a TechnicalSupport Engineer for one of the many unknown Microsoft products, I had my computer hacked TWICE!! I took a course in CCNA and obtained my CCNA in 2001, but unfortunatelythe economy in the Bay Area where I lived burst; so in essence I never used my CCNAprofessionally. So the next thing in Computer Security I tried was by majoring in UnixSystems Administration at Ohlone College where I was required to complete an internship inorder to obtain my Associate of Science. I interned at LBNL (Lawrence Berkeley NationalLab) in Berkeley, California. As a Unix Systems Administrator Intern at LBNL, I wasresponsible for using CUPS (Common Unix Printing Server) to install and configure printersthroughout the LBNL on a CUPS print server; however the challenge of the project was thatonly the department in which a printer was located had access to print to a particular printer.After finishing the internship at LBNL, I interned for Ohlone College as a Adjutant Facultymember; here I completed a project that involved securing HTTP with HTTPS (SSL), GPG,SSH and VPN for my Linux Security class. The result of the project was that I installed andconfigured Apache Web server, DNS, SSL, SSH and Free Swan VPN on several Red Had 7Linux Boxes and used network security tools like Ethereal to scan ports like SSL (443), SSH(22), and Free Swan VPN to verify that these security protocols actually were encrypting data.From there I worked for Wyse Technology, McAfee, and VMWare. I love Firefox browser security add-ons like McAfeeSiteAdvisor  which helps prevents spamming and phishing attacks,WOT (Web of Trust)which is like SiteAdvisor, Yahoo Toolbar with theCA (Computer  Associate) Anti-Spysoftware; I also like to use security software like McAfee InternetSecurity Suite, nmap, ethereal, GPG,Wireshark, etc. So as you can read, I have someexperience in Computer Security. I would not consider my self a Cryptographer or Cryptanalysis, BUT I would consider those who consider themselves Cryptanalysis to break asystem built by me before I would consider myself a security expert; all I would need is aserver running SSH (22), SSL (443), HTTP (80) Apache, IPTables, Oracle 10i, Squid ProxyServer in a VMWare ESX 3 Server environment with VMWare VMotion, DRS, Consolidatedbackup, etc. I'd like to learn how to secure this same environment using BGP and multipleVMWare ESX servers. I know cloud computing has become a big thing in the computer field,and with VMWare ESX 3 Infrastructure which includes connection via fiber channels to SANmakes cloud computing possible, but how to secure such an environment would be achallenge since physical servers are replaced by Virtual Machines running on a ESX 3Server.
 
page 3To secure this environment remotely, I would consider a VPN into each ESX 3 Server; andsince each ESX 3 server can act as a router/firewall running BGP in remote locations, a goodsecurity measure would to connect each ESX 3 Server remotely to another ESX 3 Server inyour BGP cloud computing via VPN; then you know for sure your data between remotelocations is being protected or should I say encrypted as it crosses the for ever evilINTERNET public network between your remote locations, where hackers are waiting toobtain someone YOUR information for whatever reason. This is why we have guys like myinstructor Mark Stamp who teaches my Cryptography class; well at least he is teaching ushow to keep the bad guy away. Thanks Mr. Stamp! Please note that I AM NOT the securityor network expert. Hopefully one day I will be!
What I will speak about
:Well the topic of the paper is
How to use Public Key Authentication with SSH 
, however I needto touch on some other topics related to Cryptography which will lead me into explaining
How to use Public Key Authentication with SSH 
; below are the topics I will discuss:
Cryptography
Authentication and Authentication methods
How to install and configure a RSA Server key pair 
How to configure a SSH client to authenticate with public key cryptography to a SSHserver 
What type of Authentication method does SSH public key cryptography use?
How SSH uses public key cryptography to prevent man-in-the-middle attacks
Conclusion Computer Security is a very broad topic so I will focus my attention on “How to use public keycryptography with SSH”, however I enjoy writing, so maybe I may surprise readers byspeaking about other computer security related topics. To the readers who read this and ask,“What is SSH?”. I am assuming ALL readers who read this paper is familiar with SSH, butsince I can not be 100% sure, before I get into the core of my topic “How to use public keycryptography with SSH”, I will give a brief explanation of what SSH is. SSH stands for for Secure Shell. It was created by Tatu Ylonen in 1995 while he was a researcher at HelsinkiUniversity of Technology. SSH was designed originally as SSH-1, but in 1996 it was replacedby SSH-2 which included security enhancements. SSH was designed to replace the TCPprotocols rsh, ftp, and telnet which warranted many man-in-the-middle-attacks, because theseprotocols sent data like user name and passwords as clear text over the network; however SSH's design was to prevent these so called man-in-the-middle-attacks, and I will discusshow later.

Activity (8)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
Samson Roopkumar liked this
obathily liked this
userraj liked this
bodeg002 liked this
golden_thunder liked this

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->