GitHub/quartz
1
0
Fork 2
mirror of https://github.com/jackyzha0/quartz.git synced 2026-03-24 15:05:42 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity
d494246c5a
quartz/content/notes/13-ssh.md
Jet Hughes d494246c5a vault backup: 2023-04-17 10:43:55
2023-04-17 10:43:55 +12:00

2.3 KiB
Raw Blame History

title tags
13-ssh
lecture
cosc301

What is a terminal?

  • An electronic device used for entering data into, and displaying data from a computer
    • Dumb terminal (thin client): no local processing ability
    • Smart terminal (fat client): has local processing ability 300

[!INFO] from programmer POV, terminal is the interface associated with a device/program

  • Hard-copy terminals

    • TeleTYpewriter (TTY)
    • DEC VT-100 terminal

  • Terminal emulator

    • a program that does what a dumb terminal used to do
    • Terminal window

100

[!INFO] there are two entities → terminal master/client and terminal client/slave/server. similar to client server a process can access the pseudo terminal

[!INFO] terminal modes raw mode sends every keystroke canonical mode sends processed input. with tab completion etc

TTY Remote History

  • Berkeley r-commands
    • rsh remote shell commands
    • rlogin remote terminal
    • rcp remote copy
    • Bad security
      • Weak host-based authentication Privileged ports
      • .rhosts
      • no password
  • Telnet
    • Remote terminal, similar to rlogin
    • User-based authentication

Past Problems & Solutions - Everything sent in clear-text, no encryption - solution encrypt all traffic

  • Weak Host-based authentication
    • Exploitable trust relationships
    • Privileged ports offer little protection
    • solution Port forwarding
  • Server is not authenticated
    • Potential Man-in-the-middle (MITM) attack Encrypt all traffic
    • solution Authenticate both user and server

[!INFO] port forwarding in old days when you has an open for for mail/internet, anyone could connect now only allow certain points to be accessed

Keys

  • User Key
    • A persistent, asymmetric key used by clients as proof of a user's identity.
    • A single user may have multiple keys
  • Host Key
    • A persistent, asymmetric key used by a server as proof of its identity
    • Used by a client when proving its host's identity as part of trustedhost authentication
  • Server Key
    • A temporary, asymmetric key used in the SSH-1 protocol.
    • It is regenerated by the server at regular intervals (by default every hour) and protects the session key
  • Session Key
    • A randomly generated, symmetric key for encrypting the communication between an SSH client and server.