Intro
Secure shell. Common ports: 22
.
Structure
The Flow
- Wanna talk
- Ok. Let’s talk. Here is my public key. Here are the protocols that I support.
- Thanks Checks for known hosts locally. Here’s my password.
Ways to auth
/etc/passwd
or/etc/shadow
- RSA/DSA
- Kerberos
- Host-based auth (rhosts or /etc/hosts)
Attacks
Considering that malware often attempts to steal SSH keys and SSH is also susceptible to machine-in-the-middle attacks.
❓How?