Acce55ing Rem0te Systems & File P3rms
What is SSH?
SSH or Secure SHell is network protocol for secure/encrypted communications between systems
SSH is often used for remote administration of "headless" servers in a client/server model.
Understanding SSH involves understanding of many key security concepts such as: encryption, ports, sockets, shells, services, connectivity.
How does it work?
SSH is based on the concept public key cryptography where a user must own a generated public/private key pair, and requires completion of a 3 way handshake to create a secure connection between systems.
Messages are created with a private key and can only be decrypted on the receiving end if that user has the associated public key.
Likewise returned messages are created using the public key and only a user owning the private key can successfully decrypt the message.
How does it work(more)?
SSH requires a few key components to access a remote system.
- Generation of a public/private key pair
ssh-keygen -t rsa -b 4096 -C "email@example.com"
2. Addition of public key to a remote systems ~/.ssh/authorized_keys file
3. Configuration of SSH service on remote systems /etc/ssh/sshd_config file
more ssh | grep skillz
$ ssh --help
# Default Connection Linux/Mac $ ssh firstname.lastname@example.org # Custom Port Connection Linux/Mac $ ssh -p 2222 email@example.com # Command line Putty Usage | PATH must be set C:\Users\MyUser putty.exe -ssh firstname.lastname@example.org
To make a connection:
File Permissions (Linux)
Files and Directories, in both Windows and Linux, have similar concepts of ownership
It usually comes down to who can:
In Linux these permissions are based on binary calculations
- Read - 4
- Write - 2
- Execute - 1
more File Permissions
To view file or directory permissions:
$ ls -la some/file/path
So who owns things?
Ownership generally comes down to 2 main categories:
- Groups(many users)
Group permissions are much easier to manage at scale than individual users, so it's best to categorize/segment your users
How to find files by properties?
Sometimes you need to search a system to find out ownership by user, group, or permissions:
The find utility allows us to search a file system for files matching certain characteristics.
# Find all files owned by user jason find / -user jason # Find all files owned by the group admins find / -group admins # Find a file by name find / -name somefile.txt # You can mix commands as well find / -user jason -group admins # There are many other options including: - File Permissions - Size of file - Case insensitive file match - File Path - ...and more
Accessing Remote Systems & File Perms
By Jason Sewell