SSH, the Secure Shell: The Definitive Guide
Daniel J. Barrett and Richard E. Silverman
Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo

SSH, the Secure Shell: The Definitive Guide, by Daniel J. Barrett and Richard E. Silverman
Copyright © 2001 O’Reilly & Associates, Inc. All rights reserved.
Printed in the United States of America.
Published by O’Reilly & Associates, Inc., 101 Morris Street, Sebastopol, CA 95472.
Editor: Mike Loukides
Production Editor: Mary Anne Weeks Mayo
Cover Designer: Ellie Volckhausen
Printing History: February 2001: First Edition.
Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly & Associates, Inc. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O’Reilly & Associates, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps. The association between the image of a land snail and the topic of SSH is a trademark of O’Reilly & Associates, Inc.
While every precaution has been taken in the preparation of this book, the publisher assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.
ISBN: 0-596-00011-1

About the Authors
Daniel J. Barrett, Ph.D., has been immersed in Internet technology since 1985. Currently a software engineer and vice president at a well-known financial services company, Dan has also been a heavy metal singer, Unix system administrator, university lecturer, web designer, and humorist.
Dan has written several other O’Reilly books, including NetResearch: Finding Information Online and Bandits on the Information Superhighway, as well as monthly columns for Compute! and Keyboard Magazine. He and his family reside in Boston. You may write to Dan at dbarrett@oreilly.com.

Richard E. Silverman first touched a computer as a college junior in 1986, when he logged into a DEC-20, typed “MM” to send some mail, and was promptly lost to the world. He eventually resurfaced and discovered he had a career, which was convenient but somewhat disorienting, since he hadn’t really been looking for one. Since earning his B.A. in computer science and M.A. in pure mathematics, Richard has worked in the fields of networking, formal methods in software development, public-key infrastructure, routing security, and Unix systems administration. Outside of work, he loves to read, study languages and mathematics, sing, dance, and exercise. You may reach Richard at res@oreilly.com.

Colophon
Our look is the result of reader comments, our own experimentation, and feedback from distribution channels. Distinctive covers complement our distinctive approach to technical topics, breathing personality and life into potentially dry subjects.

The animal on the cover of SSH, the Secure Shell: The Definitive Guide is a land snail (Mollusca gastropoda). A member of the mollusk family, a snail has a soft, moist body that is protected by a hard shell, into which it can retreat when in danger or when in arid or bright conditions. Snails prefer wet weather and, though not nocturnal, will stay out of bright sun. At the front of a snail’s long body are two sets of tentacles: its eyes are at the end of one set, and the other set is used for smelling and navigation. Land snails are hermaphrodites, each having both female and male sex organs, though a snail must mate with another snail in order for fertilization to occur.
A snail lays eggs approximately six times a year, with almost 100 eggs each time. Young snails hatch in a month and become adults in two years. A snail’s life span is approximately 5–10 years. Known as a slow mover, a snail moves by muscles on its underside that contract and expand, propelling the snail along at a slow pace. It leaves a wet trail of mucus, which protects the snail from anything sharp it may need to crawl over as it searches for food. The snail’s diet of plants, bark, and fruits causes it to be a pest in many parts of the world, where it is notorious for destroying crops.

Mary Anne Weeks Mayo was the production editor and copyeditor for SSH, the Secure Shell: The Definitive Guide. Colleen Gorman proofread the book. Rachel Wheeler and Jane Ellin provided quality control. Matt Hutchinson and Lucy Muellner provided production assistance. John Bickelhaupt revised the index.

Ellie Volckhausen designed the cover of this book, based on a series design by Edie Freedman. The cover image is an original engraving from the book Natural History of Animals by Sanborn Tenney and Abby A. Tenney, published by Scribner, Armstrong & Co. in 1873. Emma Colby produced the cover layout with QuarkXPress 4.1 using Adobe’s ITC Garamond font.

David Futato and Melanie Wang designed the interior layout based on a series design by Nancy Priest. Mike Sierra implemented the design in FrameMaker 5.5.6. The text and heading fonts are ITC Garamond Light and Garamond Book; the code font is Constant Willison. The illustrations that appear in the book were produced by Robert Romano using Macromedia FreeHand 8 and Adobe Photoshop 5. This colophon was written by Nicole Arigo.

Whenever possible, our books use a durable and flexible lay-flat binding. If the page count exceeds this binding’s limit, perfect binding is used.
Table of Contents

Preface
1. Introduction to SSH
    1.1. What Is SSH?
    1.2. What SSH Is Not
    1.3. The SSH Protocol
    1.4. Overview of SSH Features
    1.5. History of SSH
    1.6. Related Technologies
    1.7. Summary
2. Basic Client Use
    2.1. A Running Example
    2.2. Remote Terminal Sessions with ssh
    2.3. Adding Complexity to the Example
    2.4. Authentication by Cryptographic Key
    2.5. The SSH Agent
    2.6. Connecting Without a Password or Passphrase
    2.7. Miscellaneous Clients
    2.8. Summary
3. Inside SSH
    3.1. Overview of Features
    3.2. A Cryptography Primer
    3.3. The Architecture of an SSH System
    3.4. Inside SSH-1
    3.5. Inside SSH-2
    3.6. As-User Access (userfile)
    3.7. Randomness
    3.8. SSH and File Transfers (scp and sftp)
    3.9. Algorithms Used by SSH
    3.10. Threats SSH Can Counter
    3.11. Threats SSH Doesn’t Prevent
    3.12. Summary
4. Installation and Compile-Time Configuration
    4.1. SSH1 and SSH2
    4.2. F-Secure SSH Server
    4.3. OpenSSH
    4.4. Software Inventory
    4.5. Replacing R-Commands with SSH
    4.6. Summary
5. Serverwide Configuration
    5.1. The Name of the Server
    5.2. Running the Server
    5.3. Server Configuration: An Overview
    5.4. Getting Ready: Initial Setup
    5.5. Letting People in: Authentication and Access Control
    5.6. User Logins and Accounts
    5.7. Subsystems
    5.8. History, Logging, and Debugging
    5.9. Compatibility Between SSH-1 and SSH-2 Servers
    5.10. Summary
6. Key Management and Agents
    6.1. What Is an Identity?
    6.2. Creating an Identity
    6.3. SSH Agents
    6.4. Multiple Identities
    6.5. Summary
7. Advanced Client Use
    7.1. How to Configure Clients
    7.2. Precedence
    7.3. Introduction to Verbose Mode
    7.4. Client Configuration in Depth
    7.5. Secure Copy with scp
    7.6. Summary
8. Per-Account Server Configuration
    8.1. Limits of This Technique
    8.2. Public Key-Based Configuration
    8.3. Trusted-Host Access Control
    8.4. The User rc File
    8.5. Summary
9. Port Forwarding and X Forwarding
    9.1. What Is Forwarding?
    9.2. Port Forwarding
    9.3. X Forwarding
    9.4. Forwarding Security: TCP-wrappers and libwrap
    9.5. Summary
10. A Recommended Setup
    10.1. The Basics
    10.2. Compile-Time Configuration
    10.3. Serverwide Configuration
    10.4. Per-Account Configuration
    10.5. Key Management
    10.6. Client Configuration
    10.7. Remote Home Directories (NFS, AFS)
    10.8. Summary
11. Case Studies
    11.1. Unattended SSH: Batch or cron Jobs
    11.2. FTP Forwarding
    11.3. Pine, IMAP, and SSH
    11.4. Kerberos and SSH
    11.5. Connecting Through a Gateway Host
12. Troubleshooting and FAQ
    12.1. Debug Messages: Your First Line of Defense
    12.2. Problems and Solutions
    12.3. Other SSH Resources
    12.4. Reporting Bugs
13. Overview of Other Implementations
    13.1. Common Features
    13.2. Covered Products
    13.3. Table of Products
    13.4. Other SSH-Related Products
14. SSH1 Port by Sergey Okhapkin (Windows)
    14.1. Obtaining and Installing Clients
    14.2. Client Use
    14.3. Obtaining and Installing the Server
    14.4. Troubleshooting
    14.5. Summary
15. SecureCRT (Windows)
    15.1. Obtaining and Installing
    15.2. Basic Client Use
    15.3. Key Management
    15.4. Advanced Client Use
    15.5. Forwarding
    15.6. Troubleshooting
    15.7. Summary
16. F-Secure SSH Client (Windows, Macintosh)
    16.1. Obtaining and Installing
    16.2. Basic Client Use
    16.3. Key Management
    16.4. Advanced Client Use
    16.5. Forwarding
    16.6. Troubleshooting
    16.7. Summary
17. NiftyTelnet SSH (Macintosh)
    17.1. Obtaining and Installing
    17.2. Basic Client Use
    17.3. Troubleshooting
    17.4. Summary
A. SSH2 Manpage for sshregex
B. SSH Quick Reference
Index

[...]

OpenSSH
    The product OpenSSH from the OpenBSD project (see http://www.openssh.com/), which implements both the SSH-1 and SSH-2 protocols.
OpenSSH/1
    OpenSSH, referring specifically to its behavior when using the SSH-1 protocol.
OpenSSH/2
    OpenSSH, referring specifically to its behavior when using the SSH-2 protocol.

... SSH completely avoids these problems. Rather than running the insecure telnet program, you run the ...

... 1.5 are the best known, and we will write SSH-1.3 and SSH-1.5 should the distinction be necessary.
SSH-2
    The SSH protocol, Version 2, as defined by several draft standards documents of the IETF SECSH working group [3.5.1].
SSH1
    Tatu Ylönen’s software implementing the SSH-1 protocol; the original SSH. Now distributed and maintained (minimally) by SSH Communications Security, Inc.
SSH2
    The SSH Secure Shell ...
... book is current for the following Unix SSH versions:
    SSH1 1.2.30
    F-Secure SSH1 1.3.7
    OpenSSH 2.2.0
    SSH Secure Shell (a.k.a. SSH2) 2.3.0
    F-Secure SSH2 2.0.13
The F-Secure products for Unix differ little from SSH1 and SSH2, so we won’t discuss them separately except for unique features. See Appendix B for a summary of the differences. Version information for non-Unix products is found in their respective chapters. ...

... public interest. The SECSH working group submitted the first Internet Draft for the SSH-2.0 protocol in February 1997. In 1998, SCS released the software product SSH Secure Shell (SSH2), based on the superior SSH-2 protocol. However, SSH2 didn’t replace SSH1 in the field, for two reasons. First, SSH2 was missing a number of useful, practical features and configuration options of SSH1. Second, SSH2 had a more ...

... This refers to SCS’s SSH1 and SSH2, F-Secure SSH Server (Versions 1 and 2), OpenSSH, and any other ports of the SSH1 or SSH2 code base for Unix or other operating systems. The term doesn’t encompass other SSH products (SecureCRT, NiftyTelnet SSH, F-Secure’s Windows and Macintosh clients, etc.).

1.6 Related Technologies
SSH is popular and convenient, but we certainly don’t claim it is the ultimate security ...

... SSH Communications Security, Inc. (http://www.ssh.com). This is a commercial SSH-2 protocol implementation, though it is licensed free of charge in some circumstances.
ssh (all lowercase letters)
    A client program included in SSH1, SSH2, OpenSSH, F-Secure SSH, and other products, for running secure terminal sessions and remote commands. In SSH1 and SSH2, it is also named ssh1 or ssh2, respectively.
OpenSSH ...

... denoted with dashes: SSH-1, SSH-2
• Products are denoted in uppercase, without dashes: SSH1, SSH2
• Client programs are in lowercase: ssh, ssh1, ssh2, etc.

1.4 Overview of SSH Features
So, what can SSH do?
Let’s run through some examples that demonstrate the major features of SSH, such as secure remote logins, secure file copying, and secure invocation of remote commands. We use SSH1 in the examples, but ...

... use only for qualifying educational and non-profit entities. As a result, when SSH2 first appeared, most existing SSH1 users saw few advantages to SSH2 and continued to use SSH1. As of this writing, three years after the introduction of the SSH-2 protocol, SSH-1 is still the most widely deployed version on the Internet, even though SSH-2 is a better and more secure protocol. This situation promises to ...

... discovered as the software grew in popularity. These problems couldn’t be fixed without losing backward compatibility, so in 1996, SCS introduced a new, major version of the protocol, SSH 2.0 or SSH-2, that incorporates new algorithms and is incompatible with SSH-1. In response, the IETF formed a working group called SECSH (Secure Shell) to standardize the protocol and guide its development in the public ...

... of those insecure rhosts and hosts.equiv files! (Though SSH can work with them as well, if you like.) If you’re still using the r-commands, switch to SSH immediately: the learning curve is small, and security is far better.

1.2 What SSH Is Not
Although SSH stands for Secure Shell, it is not a true shell in the sense of the Unix Bourne shell and C shell. It is not a command interpreter, nor does it provide ...

... on the context. If A is secured using multiple keys (say K and L), they will be listed in the subscript, separated by commas: A_{K,L} ...

... forth. Rather, SSH creates a chan- ...

1.1. What Is SSH?
SSH, the Secure Shell, is a popular, powerful, software-based approach to network security.* Whenever data is sent by a computer to the network, SSH automatically encrypts ...

    * SSH is pronounced by spelling it aloud: S-S-H. You might find the name Secure Shell a little puzzling, because it is not, in fact, a shell at all. The name ...