Creating SSH Tunnels in Linux

Posted on July 2nd, 2008 in Networking, Security by admin

Many of us have been in this scenario - you’re on the move, using a random WiFi connection that you can get. You want to browse around to all your favourite sites, including ones where you log in over normal HTTP, but you’re not entirely convinced of the security of the connection, so you don’t.

If you have access to pretty much any server running SSH where you can log in, you actually can set up a secure tunnel to route all of your data through using nothing more than what you already have. Kind of like a very simple VPN, that you can do on the fly.

How To Add a Welcome Message for SSH Users

Posted on June 6th, 2008 in Networking by admin

Here is a quick tip on how to add a welcome message for your SSH users.

If you want users to see a banner welcome message when connecting to your SSH server, you need to turn on the banner configuration of SSHd and then create a banner file.

Protect SSH from brute force attacks

Posted on June 4th, 2008 in Networking, Security by admin

pam_abl provides auto blacklisting of hosts and users responsible for repeated failed authentication attempts. It is generally configured so that blacklisted users still see normal login prompts but are guaranteed to fail to authenticate.

Brute force password discovery attacks involve repeated attempts to authenticate against a service using a dictionary of common passwords. While it is desirable to enforce strong passwords for users, this is not always possible, and in cases where a weak password has been used, brute force attacks can be effective.

The pam_abl module monitors failed authentication attempts and automatically blacklists those hosts (and accounts) that are responsible for large numbers of failed attempts. Once a host is blacklisted it is guaranteed to fail authentication even if the correct credentials are provided.

Blacklisting is triggered when the number of failed authentication attempts in a particular period of time exceeds a predefined limit. Hosts which stop attempting to authenticate will, after a period of time, be un-blacklisted.

Download: Here

The Ultimate SSH Security Tutorial

Posted on May 14th, 2008 in Networking, Security by admin

SSH is one of the most secure communication methods we have. It’s encrypted, and even the passwords can’t be sniffed. But it’s not invincible. Weak passwords can be brute forced, and open ports invite automated bots looking for that open port 22. But there are a number of ways we can harden our SSH server.

Note: Ubuntu, Mint, Linspire, and Debian Readers, please read this regarding an OpenSSL Vulnerability:

Creating ssh reverse tunnel

Posted on May 13th, 2008 in Networking by admin

Imagine you are out of the office, but you have an important document that you have to get from your personal computer in your office. Unfortunately your computer is protected behind a firewall, making it impossible to access. But you have a server that you can access, and your personal computer can also access this server. This is where an ssh reverse tunnel comes into action. For ease of explanation, we will call your current computer current, your server middle, and your personal computer at the office target.

Basics of ssh and scp

Posted on March 10th, 2008 in Basics, Commandline Tools, Linux+, Networking by admin

What is OpenSSH? According to the OpenSSH page: OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol versions. The OpenSSH suite replaces rlogin and telnet with the ssh program, rcp with scp, and ftp with sftp. Also included is sshd (the server side of the package), and the other utilities like ssh-add, ssh-agent, ssh-keysign, ssh-keyscan, ssh-keygen and sftp-server.

OpenSSH is developed by the OpenBSD Project. The software is developed in countries that permit cryptography export and is freely usable and re-usable by everyone under a BSD license.

Generally speaking, it is the remote terminal connection of choice. In this entry we are only going to cover the very basics of ssh and scp. We will cover more advanced features and sftp in later entries.

Preventing Brute Force Attacks With Fail2ban

Posted on March 5th, 2008 in Networking, Security by admin

Related Reading:

  1. Linux to Linux Key Based SSH
  2. Protect SSH Access With hosts files and a proper sshd_config

In this article I will show how to install and configure fail2ban on your system. Fail2ban is a tool that observes login attempts to various services, e.g. SSH, FTP, SMTP, Apache, etc., and if it finds failed login attempts again and again from the same IP address or host, fail2ban stops further login attempts from that IP address/host by blocking it with an iptables firewall rule.

Fail2ban is similar to DenyHosts but unlike DenyHosts which focuses on SSH, fail2ban can be configured to monitor any service that writes login attempts to a log file, and instead of using /etc/hosts.deny only to block IP addresses/hosts, fail2ban can use iptables and /etc/hosts.deny.

Protect SSH Access With hosts files and a proper sshd_config

Posted on March 5th, 2008 in Networking, Security by admin

Related Reading:

  1. Linux to Linux Key Based SSH
  2. Preventing Brute Force Attacks With Fail2ban

To cover a few more loose ends on access to the ssh service running on your machine, I would suggest editing your hosts files to properly reject connections. In the following tutorial we’re going to cover locking down ssh without installing any extra applications.

Linux to Linux Key Based SSH

Posted on March 5th, 2008 in Networking, Security by admin

Related Reading:

  1. Protect SSH Access With hosts files and a proper sshd_config
  2. Preventing Brute Force Attacks With Fail2ban

Ssh (Secure Shell) is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another. It provides strong authentication and secure communications over unsecure channels. It is intended as a replacement for rlogin, rsh, and rcp. Additionally, ssh provides secure X connections and secure forwarding of arbitrary TCP connections. Ssh currently runs on UNIX or related systems, plus under OS/2. Ports have been successful to all “mainstream” UNIX systems.

SSH is either installed by default, or you can install it on your distribution from their repositories.

In Suse, it is on the DVD/CD. Make sure that’s in your drive and turned on in your sources, then run zypper in ssh. In Ubuntu, to install the ssh server, run apt-get install ssh.