📚 SSH

Intro

Secure shell. Common ports: 22.

Structure

The Flow

- Wanna talk

- Ok. Let’s talk. Here is my public key. Here are the protocols that I support.

- Thanks Checks for known hosts locally. Here’s my password.

Ways to auth

1. /etc/passwd or /etc/shadow
2. RSA/DSA
3. Kerberos
4. Host-based auth (rhosts or /etc/hosts)

Attacks

Considering that malware often attempts to steal SSH keys and SSH is also susceptible to machine-in-the-middle attacks.

❓How?