From 22f01a9be0898a4cddd04b1d90d6f3f1eea3abdc Mon Sep 17 00:00:00 2001 From: Jet Hughes Date: Mon, 17 Apr 2023 10:28:55 +1200 Subject: [PATCH] vault backup: 2023-04-17 10:28:55 --- content/notes/13-ssh.md | 35 ++++++++++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) diff --git a/content/notes/13-ssh.md b/content/notes/13-ssh.md index ec203fc51..ed8aa544e 100644 --- a/content/notes/13-ssh.md +++ b/content/notes/13-ssh.md @@ -25,4 +25,37 @@ What is a terminal? > [!INFO] there are two entities → terminal master/client and terminal client/slave/server. > similar to client server -> a process can access the pseudo terminal \ No newline at end of file +> a process can access the pseudo terminal + + +> [!INFO] terminal modes +> raw mode sends every keystroke +> canonical mode sends processed input. with tab completion etc + +TTY Remote History +- Berkeley ‘r’-commands + - rsh remote shell commands + - rlogin remote terminal + - rcp remote copy + - Bad security + - Weak host-based authentication Privileged ports + - .rhosts + - no password +- Telnet + - Remote terminal, similar to rlogin + - User-based authentication + +Past Problems & Solutions + - Everything sent in clear-text, no encryption + - **solution** encrypt all traffic +- Weak Host-based authentication + - Exploitable trust relationships + - Privileged ports offer little protection + - **solution** Port forwarding +- Server is not authenticated + - Potential Man-in-the-middle (MITM) attack Encrypt all traffic + - **solution** Authenticate both user and server + +> [!INFO] port forwarding +> in old days when you has an open for for mail/internet, anyone could connect +> now only allow certain points to be accessed \ No newline at end of file
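Review bot: In the "Past Problems & Solutions" list, the pairing under "Weak Host-based authentication" reads wrong: "**solution** Port forwarding" does not address exploitable trust relationships or privileged ports. The next item also has a stray "Encrypt all traffic" fused onto the end of the MITM line ("Potential Man-in-the-middle (MITM) attack Encrypt all traffic"), which suggests lines were merged or shifted when the notes were pasted. Check each problem/solution pair against the lecture source and split the fused lines, including "Weak host-based authentication Privileged ports" in the r-commands list. The first problem, " - Everything sent in clear-text, no encryption", is indented as a sub-bullet with no parent item, so it should be a top-level "- " entry like the other two problems. The port forwarding callout has typos ("when you has an open for for mail/internet" probably means "had an open port for"), and the file still ends without a trailing newline.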