sourav-roy
The SSH (Secure Shell) Remote Login Protocol
INTRODUCTION
• SSH (Secure Shell) is a program for logging into another computer over a network, executing commands on a remote machine, and moving files from one machine to another.
• It provides strong authentication and secure communications over insecure networks.
FEATURES
• Closes several security holes (e.g., IP, routing, and DNS spoofing).
• It provides strong authentication and secure communications over insecure networks.
• All communications are automatically and transparently encrypted. Encryption is also used to protect integrity.
• Arbitrary TCP/IP ports can be redirected over the encrypted channel in both directions.
Examples of what SSH can be used for are:
• Access to the UNIX-like environment from a Windows machine.
• Work from home with access to your file store.
• Copying files between your file store and another machine.
• Reading restricted web pages.
• Other protocols, such as RSH (remote shell) and Telnet, allow computers to communicate in a similar way to SSH. These protocols are now considered insecure.
RLOGIN (INTRODUCTION)
• rlogin is also the name of the application layer protocol used by the software, part of the TCP/IP protocol suite.
• Authenticated users can act as if they were physically present at the computer.
• The rlogin facility provides a remote-echoed, locally flow-controlled virtual terminal with proper flushing of output.
USE
• rlogin is most commonly deployed on corporate or academic networks, where user account information is shared between all the Unix machines on the network.
• rlogin allows logins without password (where rlogin trusts a remote rlogin client).
SECURITY
rlogin has several serious security problems:
• All information, including passwords, is transmitted unencrypted (making it vulnerable to interception).
• The rlogin file is easy to misuse (potentially allowing anyone to log in without a password) - for this reason many corporate system administrators prohibit rlogin files and actively search their networks for offenders.
• The protocol partly relies on the remote party's rlogin client providing information honestly (including source port and source host name). A corrupt client is thus able to forge this and gain access, as the rlogin protocol has no means of authenticating other machines' identities, or ensuring that the rlogin client on a trusted machine is the real rlogin client.
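The search for offending trust files mentioned above can be scripted; the following is an added example, not part of the original slides, that ranks each file it finds by wildcard entries and loose permissions. The file names `.rhosts` and `hosts.equiv`, the severity labels, and the sample tree are assumptions of this example.

```shell
#!/bin/sh
# Added example: find rlogin trust files and rank how dangerous each one is.
# Assumption: trust files use the conventional names .rhosts and hosts.equiv.

# Print "SEVERITY<TAB>path<TAB>reason" for one trust file.
classify_trust_file() {
    file=$1
    # A bare "+" as host or user field trusts every host or every user.
    if awk '/^[ \t]*#/ || /^[ \t]*$/ { next }
            $1 == "+" || $2 == "+" { found = 1 }
            END { exit !found }' "$file"; then
        printf 'CRITICAL\t%s\twildcard "+" entry\n' "$file"
    # Group- or world-writable: another local user can add a trusted host.
    elif [ -n "$(find "$file" \( -perm -020 -o -perm -002 \) -print)" ]; then
        printf 'HIGH\t%s\twritable by group or others\n' "$file"
    else
        printf 'REVIEW\t%s\tpasswordless trust configured\n' "$file"
    fi
}

# Walk a tree (for example /home) and classify every trust file under it.
audit_rlogin_trust() {
    find "$1" -type f \( -name .rhosts -o -name hosts.equiv \) 2>/dev/null |
        sort |
        while IFS= read -r f; do classify_trust_file "$f"; done
}

# Build a constructed sample tree so the audit can be tried offline.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/alice" "$t/bob" "$t/carol"
    printf '# constructed sample\n+ +\n' > "$t/alice/.rhosts"
    printf 'build01.example.test bob\n' > "$t/bob/.rhosts"
    printf 'build01.example.test carol\n' > "$t/carol/.rhosts"
    chmod 600 "$t/alice/.rhosts" "$t/carol/.rhosts"
    chmod 666 "$t/bob/.rhosts"
    printf '%s\n' "$t"
}

# Usage: sh audit.sh /home   (with no argument, audits the sample tree)
if [ "$#" -gt 0 ]; then
    audit_rlogin_trust "$1"
else
    sample=$(make_sample_tree) || exit 1
    audit_rlogin_trust "$sample"
    rm -rf "$sample"
fi
```

Comment lines are skipped before the wildcard check, so a commented-out `+ +` entry is not reported as CRITICAL.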